The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Problems with Spam.

Discussion in 'General Discussion' started by WhiteBear, Mar 23, 2005.

  1. WhiteBear

    WhiteBear Well-Known Member

    Joined:
    Feb 19, 2004
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    6
    Somebody is using my server to make Spam. They use the user "nobody". I need some instructions to block this Spam.

    I need to analyze logs of access but I do not know as. Which are the archives that I must analyze for to:

    1 - accesses of the httpd
    2 - accesses of the ftp
    3 - accesses of cpanel

    Thank you.

    To prevent I already made some things:

    - I incapacitated scripts of formmail located without compact disc /usr/local/cpanel/cgi-sys/.
    - I enable the function in WHM "Prevent the user 'nobody' from sending out mail to remote addresses (php and cgi scripts generally run as nobody if you are not using phpsuexec and suexec respectively.)"

    What more I can make to prevent this Spam?

    The responsible archives for the Spam were located in the directory /tmp. How these archives were there?

    I need that you the command teaches to me to which to block wget?

    Please, I very need your help.

    Today I only received more than 30000 e-mails from nobody's mail. I need to stop this Spam.

    Thank you,

    White Bear
     
  2. JoshPet

    JoshPet Member

    Joined:
    Jul 16, 2003
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    I'm having a similar isssue. I think I need to enable phpsuxexec
     
  3. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    The best way is to apply the latest security patches and fixes protecting your server from hackers and viruses. There are several ways hackers can do to funnel spam and use an IRC on your server. PM me if you need help!
     
  4. Ramsy

    Ramsy Guest

    perhaps take a look at this:

    http://www.rvskin.com/index.php?page=public/antispam
    http://www.webumake.com/free/eximdeny.htm

    recently added that with some rbl lists as well ... that really shut down 99% of the spam

    my list:

    list.dsbl.org : \
    sbl.spamhaus.org : \
    relays.ordb.org :\
    sbl-xbl.spamhaus.org :\
    hil.habeas.com :\
    list.dsbl.org :\
    bl.spamcop.net :\
    dnsbl.njabl.org :\
    proxies.blackholes.easynet.nl :\
    dynablock.easynet.nl :\
    spam.dnsbl.sorbs.net :\
    korea.services.net :\
    brazil.blackholes.us :\
    nigeria.blackholes.us :\
    argentina.blackholes.us :\
    malaysia.blackholes.us :\
    singapore.blackholes.us :\
    taiwan.blackholes.us :\
    porn.rhs.mailpolice.com
     
Loading...

Share This Page