Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Prevent users from sending emails that gets server IP blocked?

Discussion in 'E-mail Discussion' started by Shood, Sep 14, 2018 at 5:50 PM.

  1. Shood

    Shood Well-Known Member

    Joined:
    Aug 12, 2015
    Messages:
    46
    Likes Received:
    8
    Trophy Points:
    83
    Location:
    Middle East
    cPanel Access Level:
    Root Administrator
    Hello there,
    I need your suggestions please about avoiding this issue:

    Before about 3 months ago, one of my customers sent an email message with about 40 recipients email addresses (@yahoo.com) So yahoo.com received about 40 messages at the same time delivered from my server.
    Immediately they blocked my server. So all other domains hosted on my server cannot send emails to Yahoo.
    I contacted them for hundreds of time within three months but no luck.
    Finally, my server can sends to Yahoo now.

    My question is: How you can protect your server against a similar scenario?
    Suppose that there's someone has a domain on your server and wants to play with you, he can send a message to 50 emails (and maybe he choose mistake addresses to harm you). In this case your server will get blocked on Yahoo, Hotmail ...etc
    From your experiences as a server owner, how to protect your server?
    I think that setting MAX_HOURLY_EMAIL to 10 emails isn't a good idea.

    Any idea will be appreciated.
    Thank you
     
  2. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    2,679
    Likes Received:
    183
    Trophy Points:
    143
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hello @Shood

    Sending 40 messages to yahoo actually shouldn't have blocked your server unless one of the following conditions were met:

    1. The mail was obvious spam
    2. Your server doesn't meet their bulk sender guidelines; Yahoo Mail deliverability FAQs | Yahoo Help - SLN24439
    3. Related to both above an email can match either of these conditions if you don't have a valid PTR, SPF or DKIM for the domain.

    With those points in mind it's difficult at this point to tell you what specifically happened (especially with no access to the server)
    I will say that protecting your server from this kind of behaviour occurring again would need to include a few points:

    - There are several spam protection settings in tweak settings that would be relevant in this case one of which is as following found in WHM>>Server Configuration>>Tweak settings:
    Monitor the number of unique recipients per hour to detect potential spammers.
    The system will monitor the number of emails to unique recipients that each individual email user sends. If this number exceeds the specified threshold, the system will send a notification.
    -
    While setting this to 10 may be restrictive this can be modified to whatever you find reasonable for your domains

    - You can enable SpamAssassin for outbound mail which can help prevent spam from leaving your server in the event an account is compromised.


    The documentation here may also be helpful:
    How to Keep your Email Out of the Spam Folder - cPanel Knowledge Base - cPanel Documentation
    How to Prevent Spam with Mail Limiting Features - cPanel Knowledge Base - cPanel Documentation
    How to Prevent Email Abuse - cPanel Knowledge Base - cPanel Documentation

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    Shood likes this.
  3. Shood

    Shood Well-Known Member

    Joined:
    Aug 12, 2015
    Messages:
    46
    Likes Received:
    8
    Trophy Points:
    83
    Location:
    Middle East
    cPanel Access Level:
    Root Administrator
    Hello @cPanelLauren
    Thank you very much for this rich information.
    My server meeting the three conditions you've mentioned, I think that the major reason of blocking is the invalid email addresses that user sent to, about 10 of 40 addresses on Yahoo are missing.
    Yahoo support team said that "maybe" the reason is that: my server wasn't sent emails to Yahoo for a while then suddenly it received a big amount (40) emails with some invalid email addresses.

    About protecting my server from this kind of behavior in the future, I will take a deep look at the helpful links and steps you've provided me, in case I need your advice again I will get back here :)

    Regards.
     
  4. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    2,679
    Likes Received:
    183
    Trophy Points:
    143
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @Shood

    I would suggest if nothing else you ensure that each domain has a valid SPF and DKIM and the server's IP's used to send mail have valid PTR records. This is one of the most important methods of preventing blacklisting/blocking. Please let me know if you have any questions on the documentation I provided as well.


    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice