Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

relay issue

Discussion in 'E-mail Discussions' started by Dante78, Nov 3, 2012.

  1. Dante78

    Dante78 Well-Known Member

    Joined:
    May 1, 2010
    Messages:
    55
    Likes Received:
    0
    Trophy Points:
    56
    Hello

    I get more often these kind of warnings from my servers:

    Time: Sun Nov 4 01:24:28 2012 +0200
    Type: AUTHRELAY, Remote IP - 211.44.xx0.xxx (KR/Korea, Republic of/-)

    Obviously someone is using a hosting account to send spam.

    How can I prevent connections to certain accounts from getting used in this manner?

    Thanks
     
    #1 Dante78, Nov 3, 2012
  2. gunmuse

    gunmuse Well-Known Member

    Joined:
    Jul 3, 2003
    Messages:
    98
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    New Mexico
    I am looking for a simliar shut off of the authrelay We have been blacklisted because of a relay of spam from a domain that I DELETED. So this spoofing is probably part of the "please let the communists control ICANN campaign" But getting blacklisted is causing outgoing mails to end up dead.
     
    #2 gunmuse, Dec 4, 2012
  3. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,303
    Likes Received:
    42
    Trophy Points:
    178
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    It's probably a result of one of your users having a hijacked email account. You need to search your /var/log/exim_mainlog.

    Do something like this [and I"m sure there are more efficient ways to do this]:

    grep '211\.44\.xx0\.xxx' /var/log/exim_mainlog|grep courier_login
    or
    grep '211.44.xx0.xxx' /var/log/exim_mainlog|grep courier_login


    Then look for the email account that the spammer authenticated into in order to relay the spam:

    A=courier_login:some-email@someaddress.ext

    m
     
    #3 mtindor, Dec 4, 2012
(You must log in or sign up to post here.)
Loading...
Similar Threads - relay issue
  1. hesperson

    Relay Issues - removed domain

    hesperson, Sep 19, 2017 at 12:43 PM, in forum: E-mail Discussions
    Replies:
    7
    Views:
    55
    cPanelMichael
    Sep 20, 2017 at 1:48 PM
  2. arjanvr

    Relay issue

    arjanvr, May 10, 2017, in forum: E-mail Discussions
    Replies:
    1
    Views:
    205
    cPanelMichael
    May 10, 2017
  3. nosajix

    SMTP Relay Issues

    nosajix, Mar 8, 2016, in forum: E-mail Discussions
    Replies:
    2
    Views:
    714
    nosajix
    Mar 18, 2016
  4. sandtim

    Not permitted to relay through this server without authentication

    sandtim, Sep 15, 2017, in forum: E-mail Discussions
    Replies:
    5
    Views:
    102
    cPanelMichael
    Sep 20, 2017 at 1:58 PM
  5. tamalero

    SMTP relay error with 66.0.19 update?

    tamalero, Sep 14, 2017, in forum: E-mail Discussions
    Replies:
    5
    Views:
    75
    cPanelMichael
    Sep 18, 2017 at 5:22 PM

Share This Page