Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Receiving spam to Mailer-Daemon@myserverdomain.com

Discussion in 'E-mail Discussion' started by SSy, Jul 25, 2018.

Tags:
  1. SSy

    SSy Active Member

    Joined:
    May 10, 2016
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi there - in the last few days I'm getting lots of spam to the Mailer-Daemon email address - these are not bounces but rather emails sent directly to it. How do I disable this?

    Thanks.
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @SSy,

    Can you provide the output from /var/log/exim_mainlog for one of the offending emails? EX:

    Code:
    exigrep Subject /var/log/exim_mainlog
    Replace "Subject" with the subject of one of the offending messages. Ensure to paste the output in CODE tags and to remove references to real domain names and IP addresses.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. SSy

    SSy Active Member

    Joined:
    May 10, 2016
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Code:
    2018-07-26 00:09:42 1fiXav-002d0m-8r <= 2484482187@domain.com H=(domain.com) [IP.IP.IP.IP]:58358 P=smtp S=6394 id=bf9f801e6f992ceada0533540e6883c4@domain.com T="8\345\277\253\345\277\253 \345\212\240\344\274\201\351\271\2051960009745 \345\205\215\350\264\271\351\200\201188\347\266\265\351\207\221 \345\234\260\345\235\200554638 \345\205\270C0M               \r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r" for Mailer-Daemon@mydomain.com
    2018-07-26 00:09:42 1fiXav-002d0m-8r SMTP connection identification D= O=root@mydomain E=email@gmail.com M=1fiXav-002d0m-8r U=root ID=0 B=redirect_resolver
    2018-07-26 00:09:42 1fiXav-002d0m-8r check_mail_permissions could not determine the sender domain [routed_domain=gmail.com message_exim_id=1fiXav-002d0m-8r sender_host_address=IP.IP.IP.IP recipients_count=1]
    2018-07-26 00:09:43 1fiXav-002d0m-8r => me (root@mydomain.com, postmaster@mydomain.com) <Mailer-Daemon@mydomain.com> R=virtual_user T=dovecot_virtual_delivery C="250 2.0.0 <myemail@mydomain.com> 4Z2RBIdJWVvRjQkAMSDWvQ Saved"
    2018-07-26 00:09:43 1fiXav-002d0m-8r ** email@gmail.com (root@mydomain.com, postmaster@mydomain.com) <Mailer-Daemon@mydomain.com> R=lookuphost T=remote_smtp H=gmail-smtp-in.l.google.com [209.85.232.26] X=TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=yes: SMTP error from remote mail server after end of data: 550-5.7.1 This message does not have authentication information or fails to pass\n550-5.7.1 authentication checks. To best protect our users from spam, the\n550-5.7.1 message has been blocked. Please visit\n550-5.7.1  https://support.google.com/mail/answer/81126#authentication for more\n550 5.7.1 information. y51-v6si299404qth.95 - gsmtp
    2018-07-26 00:09:43 1fiXav-002d0m-8r Completed
     
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @SSy,

    If the SPAM is targeted towards a specific domain name, then you can setup a global email filter to discard or reject the emails sent to Mailer-Daemon@domain. Here's some documentation to help with this:

    Global Email Filters - Version 72 Documentation - cPanel Documentation
    How to Configure Mail Filters - cPanel Knowledge Base - cPanel Documentation

    That said, a better approach is to attempt to prevent the server from receiving the SPAM in the first place. Do you use the Greylisting feature? I often see reports from customers noting it's effectiveness at stopping SPAM:

    Greylisting - Version 72 Documentation - cPanel Documentation

    Let me know if this helps.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. SSy

    SSy Active Member

    Joined:
    May 10, 2016
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi Michael - I'm confused - why is the server accepting external mail for that and routing it to me to begin with?
     
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    Can you confirm what you configured for the domain name receiving those emails under the Default Address option in cPanel?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. SSy

    SSy Active Member

    Joined:
    May 10, 2016
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    This is not a domain in cPanel - this is my whole WHM server hostname. So if my hostname is server.net it is sending to Mailer-Daemon@server.net and routing it to my contact email in WHM settings. How do I disable this? I can't add this as a domain either as it is my hostname.
     
  8. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @SSy,

    Thank you for clarifying.

    Here's a recent answer from a support ticket where the same question was asked:

    Documentation on the system filter file is available at:

    How to Customize the Exim System Filter File - cPanel Knowledge Base - cPanel Documentation

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice