The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

relay issue

Discussion in 'E-mail Discussions' started by Dante78, Nov 3, 2012.

  1. Dante78

    Dante78 Well-Known Member

    Joined:
    May 1, 2010
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    56
    Hello

    I get more often these kind of warnings from my servers:

    Time: Sun Nov 4 01:24:28 2012 +0200
    Type: AUTHRELAY, Remote IP - 211.44.xx0.xxx (KR/Korea, Republic of/-)

    Obviously someone is using a hosting account to send spam.

    How can I prevent connections to certain accounts from getting used in this manner?

    Thanks
     
    #1 Dante78, Nov 3, 2012
  2. gunmuse

    gunmuse Well-Known Member

    Joined:
    Jul 3, 2003
    Messages:
    98
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    New Mexico
    I am looking for a simliar shut off of the authrelay We have been blacklisted because of a relay of spam from a domain that I DELETED. So this spoofing is probably part of the "please let the communists control ICANN campaign" But getting blacklisted is causing outgoing mails to end up dead.
     
    #2 gunmuse, Dec 4, 2012
  3. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,301
    Likes Received:
    42
    Trophy Points:
    178
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    It's probably a result of one of your users having a hijacked email account. You need to search your /var/log/exim_mainlog.

    Do something like this [and I"m sure there are more efficient ways to do this]:

    grep '211\.44\.xx0\.xxx' /var/log/exim_mainlog|grep courier_login
    or
    grep '211.44.xx0.xxx' /var/log/exim_mainlog|grep courier_login


    Then look for the email account that the spammer authenticated into in order to relay the spam:

    A=courier_login:some-email@someaddress.ext

    m
     
    #3 mtindor, Dec 4, 2012
(You must log in or sign up to post here.)
Loading...
Similar Threads - relay issue
  1. arjanvr

    Relay issue

    arjanvr, May 10, 2017, in forum: E-mail Discussions
    Replies:
    1
    Views:
    119
    cPanelMichael
    May 10, 2017
  2. nosajix

    SMTP Relay Issues

    nosajix, Mar 8, 2016, in forum: E-mail Discussions
    Replies:
    2
    Views:
    633
    nosajix
    Mar 18, 2016
  3. cuzzmunger

    Rejected relay attempt

    cuzzmunger, Jun 29, 2017, in forum: E-mail Discussions
    Replies:
    7
    Views:
    194
    cPanelMichael
    Jul 3, 2017
  4. nitaish

    rejected RCPT : Rejected relay attempt

    nitaish, May 1, 2017, in forum: E-mail Discussions
    Replies:
    3
    Views:
    515
    cPanelMichael
    May 2, 2017
  5. koda

    Relay access denied when receiving from gmail

    koda, Apr 21, 2017, in forum: E-mail Discussions
    Replies:
    2
    Views:
    149
    CHWSUK
    Apr 25, 2017

Share This Page