The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Sender Verification Callouts - prevent spamming

Discussion in 'E-mail Discussions' started by crazyaboutlinux, Jul 16, 2014.

  1. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    Hello,

    Sender Verification Callouts [?]
    Use callouts to verify the existence of email senders. Exim will connect to the mail exchanger for a given address to verify it exists before accepting mail from it.

    Does this option prevent spamming on the server ? and prevent blacklisting your IP address on various Spam RBLs checkers ??

    ANd also let me know

    What functions should I enable in WHM to prevent Spamming & blacklisting your IP address ??

    Prevent “nobody” from sending mail - ON
     
  2. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    also Should I enable this option "Send generic recipient failure messages" ?

    Will this feature help to prevent abuse/spamming ??
     
  3. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,474
    Likes Received:
    202
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  4. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    Hello,

    I have already gone through this url, We have already done the necessary changes

    Step 1: Enable WHM's SMTP Restrictions >>> We used CSF SMTP_BLOCK instead
    Step 2: Prevent the nobody system user from sending mail >>> it is set to ON
    Step 3: Enable suPHP and enable suExec or mod_ruid2 >> We have enabled both suPHP and suExec.
    Step 4: Configure the max hourly emails settings >> it is already set to 100, when we got new Server/VPS
    Step 5: Configure high failure rate protection >> this is something we don't understand so we have set it to unlimited
    Step 6: Add X-PopBeforeSMTP header for mail sent via POP-before-SMTP >> Set to Off
    Step 7: Antirelayd : Provides the IMAP/POP before SMTP authentication method. This is not recommended, and should be disabled on modern systems in favor of SMTP authentication >> This has been Disabled (Un-checked)

    Still we are facing spamming issue, our server IP's getting blacklisted on various RBLs

    Any other suggestions are welcome And We would love to do.
     
  5. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,474
    Likes Received:
    202
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Well, you'd have to take a closer look at those spam emails and see where they're coming from I think.

    Do you have any users forwarding all email off to some other email account for example?


    If you're unsure on the path forward, you might consider hiring a professional to assist you with this.
     
  6. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    >> are you talking about Default Address catch-all address ? We won't allow our users to user default address

    default's Current Setting: :fail: No Such User Here
    also checked SPF & DKIM, that too enabled.

    I am really not sure about pat forwarding ??
     
  7. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,474
    Likes Received:
    202
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You should take a closer look at the mail via Mail Delivery Reports for example, for clues. If you find some clues that points you to a domain on your server, check his forwarders. I like ConfigServer Mail Manage for checking a users forwarders quickly.

    If you have a user that forwards all email, not necessarily catch-all email, to some other account off server, and that user gets a lot of spam, say they post their email address all over internet forums and blogs for example, all the spam directed at that users email address, is forwarded. Not checked. And its all coming from your IP.
     
  8. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    Can you please tell me what to set Configure high failure rate protection >> current it is unlimited

    We have Configured the max hourly emails settings >> it is already set to 100, So how to set/configure high failure rate protection ?
     
  9. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,474
    Likes Received:
    202
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    I don't think there is a perfect setting here. As a Server Administrator you need to know your own system and users. Over time many of these settings should be tweaked to suit your users needs.

    If 'Max Hourly Emails' is set to 100, and 'Maximum percentage of failed or deferred messages a domain may send per hour' is set to 25%, then when 25% or, 25 emails are failed or deferred, mail for that domain is temporarily blocked.
     
Loading...

Share This Page