How do we stop spammers from using our mailservers ?

jeroman8

Well-Known Member
Mar 14, 2003
410
0
166
I have added all the tweaks there is in WHM regarding to be safe against
spammers using my SMTP/sendmail to send out spam but still the server
is blacklisted every now and then cause of spam being sent out.

I can see some **** in the mail logs but can't figure out where it come from.
The headers supposed to be added doesn't say from which account the mail
was sent - just the user nobody.

Now, I know a lot of people are having this kind of problems and we really need
some sort of "how to" or a script that can figure out when someone is spamming
from the server and stop it.

Does such a script exist ?
Anyone have a good "how to stop a spammer" tutorial ?

I mean a script that reads the mail and find the word "prescription" or "paypal"
and if the words or mail is the same in more than x outgoing mails it will block it
or report it to an e-mail or log with all kinds of easy to find the account abusing info.
 

dalem

Well-Known Member
PartnerNOC
Oct 24, 2003
2,980
156
368
SLC
cPanel Access Level
DataCenter Provider
best way is to keep an eye on your users ;)
there is really no one script magic solution most of it is up to you I usally catch them before the y start sending . screen you users before setting up their accounts when in doubt dont host them

I use phpsuexec & suexec to prevent spammers to send as nobody


there is a script here http://home-port.net/ but I have never used it so I can comment on it
 

jeroman8

Well-Known Member
Mar 14, 2003
410
0
166
Thanks, I'll check out the script.

I have thought about php suexec but do not use it.
Maybe I should test it on some new servers so I wont mess
working scripts up.

Thanks
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
31
473
Go on, have a guess
Simplest way is to set WHM > Tweak Settings > The maximum each domain can send out per hour > to something low, like 100 - this mitigates the damage that can be done.

Also:

1. securing your server and make sure your OS and all its apps (including apahce and php) are up to date
2. making sure any exploitable scripts (like phpBB) are up to date
3. Install mod_securty with a good set of Filters

You could also install something like MailScanner with bout in and outgoing email filtering to check for spam.