The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Geeting Same Spam on few a/c's

Discussion in 'General Discussion' started by mohit, Jul 23, 2006.

  1. mohit

    mohit Well-Known Member

    Joined:
    Jul 12, 2005
    Messages:
    553
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sticky On Internet
    hi,
    few a/c's are being spammed everyday and mails sent to is almost same as of other domains.

    i've checked exim, its updated, and these mails come from different box, and i've not allowed user"nobody" to relay mails from a yr. ago.

    could any one suggest on this.

    mails recd. by domains are for:-
    uucp@mydomain. cxx
    majordomo@mydomain.cxx
    accounts@mydomain.cxx
    sales@mydomain.cxx
    postmaster@mydomain.cxx
    root@mydomain.cxx
    mail@mydomain.cxx
    webmaster@mydomain.cxx
    accounting@mydomain.cxx
    (mydomain.cxx = my real domain)

    thanx in advance.
    mohit
     
  2. Snowman30

    Snowman30 Well-Known Member
    PartnerNOC

    Joined:
    Apr 7, 2002
    Messages:
    681
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    DataCenter Provider
    Ive notcied a couple of servers doign the same thing

    anyone know a way to stop them?
     
  3. RickG

    RickG Well-Known Member

    Joined:
    Feb 28, 2005
    Messages:
    238
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    North Carolina
    These are typical dictionary attacks where the spammer is hoping to find a valid address.

    1) Make sure you have all account default addresses set to :fail: , not :blackhole:

    2) Install ConfigServer's Dictionary Attack ACL from
    http://www.configserver.com/free/eximdeny.html
     
  4. Snowman30

    Snowman30 Well-Known Member
    PartnerNOC

    Joined:
    Apr 7, 2002
    Messages:
    681
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    DataCenter Provider
    Thats whats got me worried im seeing this on 2 servers that Chirpy's done the full works on

    its only just popped up in the past couple of days...
     
  5. Snowman30

    Snowman30 Well-Known Member
    PartnerNOC

    Joined:
    Apr 7, 2002
    Messages:
    681
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    DataCenter Provider
    Ive started getting hit with this crap yet again

    does anyone have a way to prevent it?
     
Loading...

Share This Page