The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Prevent Nobody from sending mail

Discussion in 'E-mail Discussions' started by GOT, Mar 5, 2004.

  1. GOT

    GOT Get Proactive!

    Joined:
    Apr 8, 2003
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Norfolk, VA
    cPanel Access Level:
    DataCenter Provider
    I haev one server that I work with that is attracting some bad apples as clients. We, like most everyone, allowed the user nobody to send mail. Well, someone was abusing it and sent out about 20,000 spam emails. We also get occasional mail bombs.

    We compiled PHP with SuExec, but that caused way to many problems for the legitimate users of the system, so instead we checked the box to prevent the user nobody from sending emails.

    Guess what? 20,000 messages later, we are back at suexec.

    Can someone else confirm that this option is really broken, or am I missing something int eh big picture? How can the user nobody send out 20,000 messages with that box checked?
     
  2. phantom2

    phantom2 Well-Known Member

    Joined:
    Jan 3, 2004
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    6
    I leave the "do not all ow php to send email as nobody unchecked. It caused some scripts not to work.

    You're going to get spammers. That's the nature of the business. However there are many things you can do to prevent spam by limiting the amount of emails can be sent out per user er hour. Tweak your Exim and sendmail.

    Also, make sure you state in your terms of service that shared clients can only send out 300 emails per day max unless they have special permission to do so.

    Also, in you terms, state that it is impossible to spam so dont bother trying and that each complaint received will result in a $500 fine.

    It helps. :eek:)
     
  3. GOT

    GOT Get Proactive!

    Joined:
    Apr 8, 2003
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Norfolk, VA
    cPanel Access Level:
    DataCenter Provider
    Does that limit apply to the user nobody? I did not think that it does.

    The problem is that they are using php to spam. The noc is getting so many complaints that they have twice threatened to pull the plug on the server. Nothing shows in the apache logs because all it takes is one access to launch the spam.

    Given your setup is the norm I am used to, how do you figure out who is spamming when they are using the nobody account?
     
  4. phantom2

    phantom2 Well-Known Member

    Joined:
    Jan 3, 2004
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    6
    ore than likely they are signing up using proxys. Join one of those proxy list sites and block those proxy IP's via htaccess. That will help but may not stop the problem. It's very odd to have THAT much of a spam problem. We get a spammer maybe once every 5 to 6 months.
     
Loading...

Share This Page