The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Email Spoofing Question

Discussion in 'E-mail Discussions' started by nootkan, Dec 31, 2007.

  1. nootkan

    nootkan Well-Known Member

    Joined:
    Oct 25, 2006
    Messages:
    129
    Likes Received:
    2
    Trophy Points:
    18
    I have been recieving over two thousand emails a day for the last 7 days from servers with subject lines similar to this one: Delivery Status Notification (Failure). My question is how do I stop this from happening as I've contacted the account that seems to be the culprit domain in the address, but he claims that his computer is clean and free of virus's and so I told him to send out an email asking everyone who has his email address requesting them to check for a virus in their system. So I keep getting the same comment about clean and virus free systems. After doing intense research using google and this forum among others, I have to assume that someone somewhere must have a virus for this to be happening, but with my limited experience in running my own server I am at a loss as to what I can do next. So far I've gone into exim configuration and checked that the rbls are checked and I noticed that "** BL: Reject mail sent directly to addresses at the primary hostname from remote servers" wasn't checked so I checked that and saved the new configuration. Did I do the right thing? Is there something else I can do? How can I shut down the main email account for the culprit domain as temp solution? I have had the company chirpy works for install the security package and up till now had never had these spoofing cases on such an extreme level before.

    My server is: GNU/Linux Server Version: Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28 OpenSSL/0.9.7a PHP-CGI/0.1b
    Processor #1 Vendor: AuthenticAMD
    Processor #1 Name: AMD Athlon(TM) XP 2200+
    Processor #1 speed: 1791.593 MHz
    Processor #1 cache size: 256 KB
    WHM 11.11.0 cPanel 11.16.0-C18546
    CENTOS Enterprise 4.6 i686 on standard - WHM X v3.1.0
     
Loading...

Share This Page