The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to block localhost from sending emails

Discussion in 'E-mail Discussions' started by ralbano, Feb 10, 2009.

  1. ralbano

    ralbano Member

    Joined:
    Mar 9, 2008
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    Hello, I;m dealing with spam, I have adopted some rules to avoid spam, like blocking user nobody from sending emails but today I noticed that there are some scripts in my server I can't find them yet) that are connecting directly to port 25 @localhost and sending spam.

    I wan't to block 127.0.0.1 as a tusted IP to relay, how can I block it?
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,478
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Send yourself an email from Webmail and then check where it came from in the header.

    Received: from localhost ([127.0.0.1]
     
  3. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    There are a number of things that help here. The first is - use the cpanel max emails per hour feature to limit all accounts on your server to 100 email messages per hour. You can explicitly increase the limit for any accounts needing more by editing a file /var/cpanel/maxemails and running a script.

    The second is - run suphp so you can see which accounts are sending email. Unless your server is already heavily loaded this is a big help (it does increase load slightly).

    The third is - run the intelligent firewall and system monitor CSF, available from configserver.com. It will warn you if large amounts of spam go through your server.

    Blocking port 25 outgoing was a good move. You might choose to block port 25 completely for a while to get rid of your current spammers, but long term it does make it harder for legitimate users. Your current spam is probably coming from exploited form scripts. Mod_security will help with those if you have a good Bcc rule.
     
Loading...

Share This Page