New Server - Fresh NO SPAM Start

codegirl42

Well-Known Member
Mar 9, 2006
93
0
156
Hello all,

We've just started setting up our new server....and i was wondering what you all thought was the best way to ensure that our server does NOT become a spam server....

Are there any good scripts/hacks that you would recommend to ensure that we do not become the spam server that we were before? By spam server, we mean that many spams were executed from our server.

Thanks for advise!
 

yapluka

Well-Known Member
Dec 24, 2003
301
1
168
France
cPanel Access Level
Root Administrator
Limit the emails a domain can send per hour
Install mod_security
Use rbl filters
Install Chirpy's anti dictionnary attack
Install Chirpy's CSF/LFD
Compile apache with phpsuexec

... these are only a few suggestions... your best option could be : hire a sysadmin who will properly configure and harden your server ?

Good luck :)
 

verdon

Well-Known Member
Nov 1, 2003
923
11
168
Northern Ontario, Canada
cPanel Access Level
Root Administrator
There really are a lot of things to do to a new server, and many threads here discussing it. It's a steep learning curve, but a good one. Check-out the sticky topics in pretty much any forum here, but particulareily here http://forums.cpanel.net/forumdisplay.php?f=4

If you don't want to do it yourself, http://configserver.com/ has a complete service, in addition to some indespensible free add-ons, and really know what they are doing. Top-notch service and support.
 

celliott

Well-Known Member
Jan 2, 2006
460
0
166
United Kingdom
As already said, get a good anti-spam setup. I am currently running this combination on all my servers and its very effective at the moment:

Dictionary Attack ACL + MailScanner + Spamasassin + Spamhaus RBL

It's definatley worth hiring someone if you are unsure. I have seen prices start at around £15 for a mail server hardening package.

Chris.
 

mctDarren

Well-Known Member
Jan 6, 2004
665
4
168
New Jersey
cPanel Access Level
Root Administrator
For the record, codegirl is looking to stop spam from being SENT from their servers - not to stop it coming in...

codegirl - also be sure to lock down the forms on your site. Pay attention to those "user has uploaded new mail sending script" emails from your daily upcp runs. Watch for those PHP nobody sending spammers. There are several sites around that help you track those - Steve Leggett's NobodyCheck can help alert you to potentially malicious mail scripts. Check it out here.
 

codegirl42

Well-Known Member
Mar 9, 2006
93
0
156
For the record, codegirl is looking to stop spam from being SENT from their servers - not to stop it coming in...

codegirl - also be sure to lock down the forms on your site. Pay attention to those "user has uploaded new mail sending script" emails from your daily upcp runs. Watch for those PHP nobody sending spammers. There are several sites around that help you track those - Steve Leggett's NobodyCheck can help alert you to potentially malicious mail scripts. Check it out here.
You're on the money. :) Thanks for that.
I've installed the NobodyCheck and I'll just monitor it to make sure. :)
 

celliott

Well-Known Member
Jan 2, 2006
460
0
166
United Kingdom
For the record, codegirl is looking to stop spam from being SENT from their servers - not to stop it coming in...

codegirl - also be sure to lock down the forms on your site. Pay attention to those "user has uploaded new mail sending script" emails from your daily upcp runs. Watch for those PHP nobody sending spammers. There are several sites around that help you track those - Steve Leggett's NobodyCheck can help alert you to potentially malicious mail scripts. Check it out here.
An RBL does just that mate, I can read. If the senders IP is Blacklisted the server will automatically reject the email rather than allowing it to be sent through her SMTP server.
 

codegirl42

Well-Known Member
Mar 9, 2006
93
0
156
An RBL does just that mate, I can read. If the senders IP is Blacklisted the server will automatically reject the email rather than allowing it to be sent through her SMTP server.

This sucks... :(
For information on how to configure your mail server to use sbl.spamhaus.org please refer to your mail server documentation/manuals or ask your mail server developer. With so many different mail servers in use we can not offer technical help with setting up the SBL.
do you have any further documentation on them? How'd YOU set it up?