The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Need help stopping a spammer

Discussion in 'General Discussion' started by elenlace, Jun 11, 2003.

  1. elenlace

    elenlace Well-Known Member

    Joined:
    Sep 10, 2002
    Messages:
    101
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    US
    Hi,

    I'm finding out that a certain host is somehow sending mail through my server. Incidentaly, I can't find any reference to the messages in /var/log/maillog, however, when I run:

    grep *IP* /var/log/exim_mainlog

    I get many of the following lines:

    2003-06-11 10:43:27 19Q7l1-0000X7-00 <= lreynaga@alphamexico.com H=(www.desde-me
    xico.com) [216.40.196.60] P=esmtp S=7828 id=000001c33030$120fba90$53ddfea9@alpha
    6

    I have tried putting the host in /etc/hosts.deny and it doesn't stop the spam. I need help; I don't seem to find a way to block this user.

    Regards,

    Alessandro Arona
    elenlace.com

    cPanel.net Support Ticket Number:
     
  2. tAzMaNiAc

    tAzMaNiAc Well-Known Member

    Joined:
    Feb 16, 2003
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sachse, TX
    You can block the recipient in exim.conf ....? Unless the email keeps changing..

    Brenden
     
  3. elenlace

    elenlace Well-Known Member

    Joined:
    Sep 10, 2002
    Messages:
    101
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    US
    Hi,

    Actually this domain is sending mail THROUGH my server, not actually sending mail TO my server, it was my mistake not to clarify that.

    Thanks,

    Alessandro Arona

    cPanel.net Support Ticket Number:
     
  4. tAzMaNiAc

    tAzMaNiAc Well-Known Member

    Joined:
    Feb 16, 2003
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sachse, TX
    What about adding a ip block on the route? I.e.

    /sbin/route add -host 198.78.175.26 reject

    This is for newer linuxes.. Not sure if it's ok for RH 7.3.
    This is probably ok if the server is nothing legitimate. It's drastic if it's a server that is a big ISP or something.

    Let me think here..

    cPanel.net Support Ticket Number:
     
    #4 tAzMaNiAc, Jun 11, 2003
    Last edited: Jun 11, 2003
Loading...

Share This Page