The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Prevent Outgoing Spam Emails

Discussion in 'E-mail Discussions' started by ProDesignz, Mar 17, 2015.

  1. ProDesignz

    ProDesignz Member

    Joined:
    Mar 16, 2015
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    cPanel Access Level:
    Root Administrator
    I want to configure my server to stop spam by sending out emails from user domain.
    e.g. domain.com does not have any email like abc@domain.com
    But somehow they manage to send emails using outlook or other email client using abc@domain.com.
    How to set exim server to check weather email actually exists on my server before sending email from said email address?

    Is there any system inbuilt or any tool to do so?
    I'm really need it cause due to this my server's IP is getting black listed every week.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    The following document is a good place to get started:

    How to prevent email abuse

    The user should not be able to authenticate via SMTP if the email account does not exist. Did you review the message header to ensure it's not simply a spoof of the FROM address?

    Thank you.
     
  3. ProDesignz

    ProDesignz Member

    Joined:
    Mar 16, 2015
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi Michael,

    I'd checked complete header and it was showing accounts@####.com, then I check for that email account weather it exists or not. I found that email is not exists.

    I did Set the Prevent "nobody" from sending mail setting to On, which I read in cPanel forum.

    But then phpmailer script is not able to send emails from our google apps account (we are using google apps for our own emails).

    Right now I don't have such email header, but soon I'll have and I'll update with email header.

    Thank you.
     
  4. ruzbehraja

    ruzbehraja Well-Known Member

    Joined:
    May 19, 2011
    Messages:
    383
    Likes Received:
    7
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    The PHPMailer script will need to contain the login credentials of a valid email address, so that it can be authenticated and does not use the "nobody" sender.

    This link has an example for PHP Mailer with SMTP Authentication: news.hostingxtreme.com/website-forms-smtp-authentication/
     
    #4 ruzbehraja, Mar 18, 2015
    Last edited by a moderator: Oct 15, 2015
  5. ProDesignz

    ProDesignz Member

    Joined:
    Mar 16, 2015
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,
    Sorry for very late reply. I did almost all setting to prevent spam and secure email system.
    Now a days I'm very much relax with lesser spam, but still struggling to make it more secure.

    Here is the latest example.

    Code:
    [B]Spoofing of from address (sending email using actual email address of domain):[/B]
    mailnull 47 12
    [B]<somename@example.com>[/B]
    1444887729 0
    -helo_name LenovoPC
    -host_address 180.71.xx.xxx.58921
    -host_auth dovecot_login
    -interface_address xxx.xxx.xxx.xxx.587
    -received_protocol esmtpa
    -body_linecount 7865
    -max_received_linelength 141
    -auth_id [EMAIL]admin@domain.org[/EMAIL]
    -host_lookup_failed
    XX
    1
    [EMAIL]ajhinz@domain.com[/EMAIL]
    
    From:
    "some name here" <somename@example.com>
    To:
    "[EMAIL]ajhinz@domain.com[/EMAIL]" <ajhinz@domain.com>
    Subject:
    SEPTEMBER ORDER !!
    ==================================================
    
    
    Now can anybody help to set exim in such a way that it match auth_id with From email address and if doesn't match discard it.
    Or
    Is there a way that we can set a list of domains like yandex.com, yahoo.com, mail.ru etc and if From address matches it will reject and discard.

    If cPanel can provide such utility in tweak settings, it can help a lot of hosting providers.
     
    #5 ProDesignz, Oct 15, 2015
    Last edited by a moderator: Oct 15, 2015
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Have you considered enabling SpamAssassin for outgoing email? You can configure this via the following option under the "Apache SpamAssassin" tab in "WHM >> Exim Configuration Manager":

    "Scan outgoing messages for spam and reject based on the Apache SpamAssassin™ internal spam_score setting"

    Thank you.
     
  7. ProDesignz

    ProDesignz Member

    Joined:
    Mar 16, 2015
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    cPanel Access Level:
    Root Administrator
    okay, I set this option. Let's see what will happened.
     
  8. ProDesignz

    ProDesignz Member

    Joined:
    Mar 16, 2015
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Can you tell me what would be the best Apache SpamAssassin™ reject spam score threshold?

    Finally I received notice from server abuse dept. My server IP is listed on UCEPROTECT Level 1. Is there any way to de list from UCEPROTECT.
    I know there is a paid option but it is very high USD 110.
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    It's typically advised to use the default internal_score unless you notice it's too aggressive or not aggressive enough.

    There's an older thread on this particular list at:

    UCEProtect Mail Blocking

    Thank you.
     
Loading...

Share This Page