IP Reputation , Email Spamming and Mass Mailing

[azadhussnain]

Hello , my server provider sent me a mail that there are a lot of spamming happening from my IP address and if you not solve that in some time then your IP can be blocked by DataCenter.
I am at risk please anyone help me.

I also seen there are a lot of emails being sent from my server IP. I check senderscore.org and there my IP reputation is Just 1
I got a list of 65 domains which are seen sending emails from my IP but none of them exists in my server but they are sending emails from my IP. How is it possible ? Anyone can help me?

 

[ZenHostingTravis]

Hi @azadhussain,

When you set up the server, you should limit the amount of email that can be sent by the server and each account.

It's not too late to restrict the amount of email that can be sent by your server.

It's possible that a site has been hacked and used to relay spam. Do you use Imunify? If not, can you run a maldet scan on your server?

Check the mail queue to see what accounts the spam is being sent from.

 

[azadhussnain]

I added limit.
But I think there are many domains that are sending emails from my IP via PHP Mailer.
Most of them are hosted on GoDaddy.
I seen in senderscore.org, there are many domains which are seen sending emails from IP but none of them exists in my server.
But I seen they are sending emails from my IP.
How they can do this?
Can we stop it?
From this anyone can send emails from any IP and down any IP reputation.
Is there any way to stop it?

 

[andrew.n]

How many emails do you send out? You can check the number of emails currently in mail queue if you login to WHM under "Mail Queue" option. If you see many stuck emails then probably either some of the accounts are compromised or you have contact forms without captcha. If your hosting provider told you this then they should also forwarded you proof like an example email...from the headers you will be see (X-sender or X-forwarder) how it's being sent out.

 

[cPJustinD]

Hey there! In order to remedy the issue, you will first need to fully identify the source of the spam emails. We've published the following articles that outline how to identify the source of spam emails on the server:

How to find the source of spam emails

Introduction In this article, we will be exploring means to determine how spam emails were sent from your server. This is meant to guide you in the right direction in which a further, more in-dep...

support.cpanel.net

How to Find the Source of a Large Amount of Email

Introduction In this article, we will be exploring a means to determine what email accounts are sending a large number of emails. This is meant to guide you in the right direction. A further, more ...

support.cpanel.net

Once you have identified the source, you can then work with your system administrator to take the appropriate actions to rectify the issue. Then, if you are on any blacklists, you may then request to be delisted. More on this can be found here:

Tutorial - How do I check if my mail server is blacklisted?

Overview There are many instances in which external mail servers may block mail from your server, resulting in outgoing mail attempts being rejected with a bounce-back error. Typically, this issue is caused by your server's sending IP or domain...

forums.cpanel.net