The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Disabling spam-bots

Discussion in 'E-mail Discussions' started by stars, Dec 8, 2012.

  1. stars

    stars Member

    Joined:
    Oct 2, 2012
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    We are seeing a lot of remotely triggered attempts to use our server as a relay in WHM Home>>Email>>Mail Delivery Reports. The mail originates from test@live.com, the recipient is therichsheickc@yahoo.com. A quick search on Google reveals that this is a known spam bot controlling a large bot net with hundreds or thousands of IP addresses.

    Since we have enabled Helo callouts and SPF records are in place, the Spam is not delivered (Sender verify failed). However, the spammer is using up server resources. We believe that the spammer used a contact form to access the server. We have since removed the contact form, but failed send attempts continue to show every 3 – 4 minutes in Mail Delivery Reports. Any advice will be appreciated.
     
  2. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    132
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    I have exactly the same problem going on with these addresses.
     
  3. dreas

    dreas Active Member

    Joined:
    Nov 19, 2008
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Amsterdam, The Netherlands
    Possibly your Exim log will show more details about the origin of these messages? Do you perhaps have a full message source including headers?
     
  4. stars

    stars Member

    Joined:
    Oct 2, 2012
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Yes, but they will not help. The spammer is using several thousand computers with different IPs he or she controls around the globe. So it is impossible to block them all. Even blocking an entire country will not resolve the issue.
     
  5. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    132
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Any helpful news on this?
     
Loading...

Share This Page