The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Large Number of Failed Login Attempts

Discussion in 'Security' started by marsm, Apr 10, 2014.

  1. marsm

    marsm Member

    Joined:
    Jan 17, 2013
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    In recent weeks/months, I've been getting a lot of messages like this:

    5 failed login attempts to account XXXX (pop3) -- Large number of attempts from this IP: XX.XX.XX.XX

    Reverse DNS: XX-XX-XX-XXXX.net

    Origin Country: United Kingdom (GB)


    While cpanel is clearly catching these, I have discovered that some people have been able to "get through" and have been using our server to send out emails in the form of large mailing lists.

    Because of this, our server has now been hit with multiple blacklists which is extremely frustrating.

    My questions are:

    1. How can we better protect ourselves to prevent dodgy people out there using our SMTP to fire our email/spam?
    2. What's the process to getting ourselves whitelisted (from an email perspective)?

    Any help and advice would be greatly appreciated.

    Regards,
    Mars
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    The first step you should take is to require that your users and their email accounts use strong passwords that are not easily brute forced. Also, the following document provides some tips on preventing email abuse:

    cPanel - Prevent Email Abuse

    The whitelist process varies with each remote mail server. You will need to review each remote mail server that has blocked your server to determine what steps are necessary.

    Thank you.
     
  3. marsm

    marsm Member

    Joined:
    Jan 17, 2013
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hmm... I have most of the things activated that have been covered in the document... passwords on our email are strong. Will keep monitoring things.
     
Loading...

Share This Page