The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Preventing cPanel users from spamming

Discussion in 'General Discussion' started by robotwink, Sep 2, 2009.

  1. robotwink

    robotwink Registered

    Joined:
    Sep 2, 2009
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    I have a shared hosting server and one of my servers was recently compromised and used to send SPAM therefore it was banned from all major email service providers, including Hotmail, Yahoo! and Gmail.

    Only one of the sites on the server was compromised and darkmailer.pl, dm.cgi, dosja.cgi etc was uploaded and without causing any load or something that can be noticed the sever was banned!

    Could you please tell me how can I prevent this from happening again?

    Thanks.
     
  2. MattCurry

    MattCurry Well-Known Member

    Joined:
    Aug 18, 2009
    Messages:
    275
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Houston, Tx
  3. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    Do the following:

    • install CSF and ensure it is preventing outgoing connections on port 25
    • turn on the max emails per hour feature of cpanel
    • install suphp/suexec (may need to fix permissions)

    These three will solve most of your problem immediately. CSF will prevent outgoing direct-to-port-25 connections, and the max emails per hour feature will limit spam sent through exim.

    You should also sign up with the feedback loops for hotmail and yahoo as they'll send you emails if anyone sends spam from your IP addresses.
     
  4. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    There is a long list of measures you can take to prevent this though I am
    reluctant to publicly post some of the "better" techniques that I would use
    to curb this kind of issue from happening for what should be obvious reasons.

    Talk to me privately and I'll be glad to give you a few tips and pointers.

    If you need a deeper helping hand, I'd also be further available as well to
    review your server and help you get things much better secured.
     
Loading...

Share This Page