The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Invalid user names sending email

Discussion in 'E-mail Discussions' started by doulos61, Oct 11, 2007.

  1. doulos61

    doulos61 Well-Known Member

    Dec 13, 2006
    Likes Received:
    Trophy Points:
    After viewing some statistics I have come across the following.

    In WHN -by viewing Email >> View Relayers I see that the server has been used to spam. I need to seal this up wherever it is coming from // whatever means they are using. Its happened under 200 times this month, but its happened nonetheless.

    Someone has been able to push spam through the server using non-existing accounts -- which indicates they've purposely targetted this server for the activity. Whoever may have found us through a domain that was migrated to our new host as this was a target on the other server before we moved.

    I already had the sendmail configured not to use "nobody" as a default user when no user was called --- sooooooo, this issue exceeds my skill level security wise.

    Here is a list of the Invalid user names used and the amount sent through

    username:" email sent: 119 bytes: 1913318
    username: when email sent: 1 bytes: 1483
    username: 50mg email sent: 1 bytes: 2834
    username: \"FrUiTCaKeS\" email sent: 1 bytes: 3602
    username: you" email sent: 1 bytes: 2225
    username: Viagra email sent: 1 bytes: 2561
    username: (ns2 server)" email sent: 1 bytes: 796
    username: sale" email sent: 1 bytes: 3229

    I would appreceiate any information, or a link to a post reguarding a fix for this hole in my securty dam.

    #1 doulos61, Oct 11, 2007
    Last edited: Oct 11, 2007
  2. jerrybell

    jerrybell Well-Known Member

    Nov 27, 2006
    Likes Received:
    Trophy Points:
    Can you give some more information? What version of cpanel/whm are you using? Are you using the mail system that comes as part of cpanel? Are the emails that you are seeing for local accounts or spam that is going to other sites?

Share This Page