Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

How to block localhost from sending emails

Discussion in 'E-mail Discussion' started by ralbano, Feb 10, 2009.

  1. ralbano

    ralbano Member

    Joined:
    Mar 9, 2008
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    51
    Hello, I;m dealing with spam, I have adopted some rules to avoid spam, like blocking user nobody from sending emails but today I noticed that there are some scripts in my server I can't find them yet) that are connecting directly to port 25 @localhost and sending spam.

    I wan't to block 127.0.0.1 as a tusted IP to relay, how can I block it?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,311
    Likes Received:
    393
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Send yourself an email from Webmail and then check where it came from in the header.

    Received: from localhost ([127.0.0.1]
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    168
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    There are a number of things that help here. The first is - use the cpanel max emails per hour feature to limit all accounts on your server to 100 email messages per hour. You can explicitly increase the limit for any accounts needing more by editing a file /var/cpanel/maxemails and running a script.

    The second is - run suphp so you can see which accounts are sending email. Unless your server is already heavily loaded this is a big help (it does increase load slightly).

    The third is - run the intelligent firewall and system monitor CSF, available from configserver.com. It will warn you if large amounts of spam go through your server.

    Blocking port 25 outgoing was a good move. You might choose to block port 25 completely for a while to get rid of your current spammers, but long term it does make it harder for legitimate users. Your current spam is probably coming from exploited form scripts. Mod_security will help with those if you have a good Bcc rule.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice