The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Self sent spam

Discussion in 'E-mail Discussions' started by Dante78, Apr 1, 2013.

  1. Dante78

    Dante78 Well-Known Member

    Joined:
    May 1, 2010
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    6
    Hello

    Our clients are complaining that are receiving mails sent by them selves. On the sender it appears their e-mail adress. How can we stop this abuse?

    Thanks
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,481
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    In your cPanel > Mail section > Default Address, what is this set to?
     
  3. Dante78

    Dante78 Well-Known Member

    Joined:
    May 1, 2010
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    6

    Send all unrouted email for:

    Current Setting: :fail: No Such User Here


    What is the connection between this setting and my issue? :D
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,481
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    If that was set some other way, a spammer could send emails to that user all day long.

    Is email authentication enabled?
     
  5. Dante78

    Dante78 Well-Known Member

    Joined:
    May 1, 2010
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    6
    Hello

    I guess i wasn't clear. Sorry for that. I'm trying to say that on a spam mail the sender is the same as the recipient. But the owner of the mail account didn't send that mail. The mail was sent from an external IP.

    thanks
     
  6. storminternet

    storminternet Well-Known Member

    Joined:
    Nov 2, 2011
    Messages:
    462
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Have you scanned all accounts just to ensure there is no malware in any of the accounts or they are not hacked.
    Hacked accounts or infected accounts can be one of the reason for the spamming.
     
  7. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,281
    Likes Received:
    37
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    It's probably just a spammer forging the FROM address to be the same as the TO address. Pretty darned common. Very hard to block it if the content itself does not appear spammy enough to be ditched by spamassassin. Obviously you can't block the sender address.

    On some mail systems you can tell the mailsystem not to accept mail from userA@domainA.com if userA@domainA.com exists, and certainly there would be a way to tell Exim to do the same. The problem is that userA@domainA.com might want to legitimately send mail to themselves, and blocking mail from the user would prevent users from sending mail to themselves. I send email to myself on occasion, and I wouldn't want it blocked. But that leaves you depending upon SpamAssassin (or whatever antispam platform you are using) to be able to distinguish that it is spam based upon its content or the IP address it is coming from.

    M
     
Loading...

Share This Page