The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

outgoing spam - suggetion required

Discussion in 'General Discussion' started by crazyaboutlinux, Apr 10, 2009.

  1. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    I am facing outgoing spam issues in our servers, while searching in google we have found out following link for controlling outgoing spam activities, can at cPanel please go through following links & let us know whether this provide is realible & installing their solution is secure/harmless on our server or not ?

    http://www.grscripts.com/howtofaq.html#56b
    http://www.grscripts.com/

    I require your suggestion to go ahead.

    OR any other outgoing spam solutions

    waiting for your replies
     
  2. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
  3. Warrenw

    Warrenw Active Member
    PartnerNOC

    Joined:
    Nov 1, 2008
    Messages:
    25
    Likes Received:
    0
    Trophy Points:
    1
    In WHM server configuration you can set the option 'The maximum each domain can send out per hour' to prevent spam. This way you can also view your mail logs and see a message indicating which of your domains are breaking the rule. Any email sent in excess of the rule is discarded and never gets sent.
     
  4. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    its already set 100 limit emails per hour per domain, but this limit is effecting only actual users who are not sending spam mails

    but the spammers haven't effect this limit & they can sending unsolicited emails
    even 100 limit set per hour per domain using the script e.g php, perl , cgi

    & our IP goes poor reputation in www.senderbase.org

    now whats the easy way to find out spammers in our server
     
  5. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    The solution is to use either CSF or cPanel's "SMTP Tweak". This blocks direct attempts to send on port 25 via scripts which would stop most of your problem.

    For your customers who are complaining about the limit of 100 per hour (I'd actually make it a little higher, say 150 - 250/hour) you can individually increase the limit.

    If you haven't already installed CSF, you should go to www.configserver.com/cp/csf.html and install it on your server. Coupled with mod_security it's a highly effective way of stopping hacking and all sorts of security and exploit related issues.
     
  6. AlexandreVeezon

    AlexandreVeezon Well-Known Member

    Joined:
    Dec 9, 2005
    Messages:
    99
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    /br/sc/rionegrinho
    cPanel Access Level:
    Root Administrator
    If you prevent customers from sending mail through php mail() function, it will help to stop spam either. Not alone, obviously, but with this, if someone sends spam, YOU WILL KNOW WHO are doing.

    :)
     
  7. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    how can it help
     
  8. AlexandreVeezon

    AlexandreVeezon Well-Known Member

    Joined:
    Dec 9, 2005
    Messages:
    99
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    /br/sc/rionegrinho
    cPanel Access Level:
    Root Administrator
    Tweak Settings on WHM:

    Prevent the user "nobody" from sending out mail to remote addresses (PHP and CGI scripts generally run as nobody if you are not using PHPSuexec and Suexec respectively.)

    Just check it
     
  9. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    Yes Brionoz we are using CSF but till now we are not able to control outgoing spam mails, recently we found cgi spam scripts which is called hnc.cgi & dm.cgi you may heared about this

    I want to keep 150 limit per hour but how can i individually increase the limit for our higher customer , i really need solution for this

    we have installed CSF firewall & mod_security though we are not able to controlling outgoing spam

    bronoz tell me one thing which settings to be required in csf configuration
    i need your suggestion
     
  10. tuxicans

    tuxicans Active Member

    Joined:
    Oct 16, 2008
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    6
    If your tmp partition is not secure you can have a look at /tmp for any malicious scripts or files with mail address list, infact even if you have secured /tmp you should have a look imho.

    Another way is to check the mail logs using the command,
    grep cwd /var/log/exim_mainlog|grep -i spool

    It will show directories from which the mailing scripts have been sending the mails. remember it will not show the actual scripts but only parent directories.

    Another option is to use the command "ps aux" which will show all currently running processes. Searchthe list for any suspecious perl scripts there.

    Best Of Luck !
     
  11. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    For your customers who are complaining about the limit of 100 per hour (I'd actually make it a little higher, say 150 - 250/hour) you can individually increase the limit.
    I want to keep 150 limit per hour but how can i individually increase the limit for our higher customer , i really need solution for this

    Hi Tuxicans,

    do you know this thing ?
     
  12. nxweb

    nxweb Active Member

    Joined:
    Oct 29, 2008
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    This can be done by the following steps...

    edit /var/cpanel/maxemails

    Code:
    # If you update this file you must run /scripts/build_maxemails_config
    domain.com=5000
    anothersite.net=250
    
    then run /scripts/build_maxemails_config
     
  13. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    Thanks i got this by before you update & its really works thanks again for your update
     
  14. linuxserverguy

    linuxserverguy Active Member

    Joined:
    Apr 14, 2005
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    1
    Hello Nilesh,

    What do you mean this works? do you see lots of dm.cgi dark.cgi still uploaded but no spamming?
     
  15. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    I was talking about : edit /var/cpanel/maxemails
     
  16. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    When talking about limiting spam, there is no single solution that will
    all around block spam but many tweaks chances and additins you can
    do to your mail system that when used in combination will greatly
    enhance your spam defense capabilities.
     
Loading...

Share This Page