Sender Verification Callouts - prevent spamming

crazyaboutlinux

Well-Known Member
Nov 3, 2007
939
1
66
Hello,

Sender Verification Callouts [?]
Use callouts to verify the existence of email senders. Exim will connect to the mail exchanger for a given address to verify it exists before accepting mail from it.

Does this option prevent spamming on the server ? and prevent blacklisting your IP address on various Spam RBLs checkers ??

ANd also let me know

What functions should I enable in WHM to prevent Spamming & blacklisting your IP address ??

Prevent “nobody” from sending mail - ON
 

crazyaboutlinux

Well-Known Member
Nov 3, 2007
939
1
66
also Should I enable this option "Send generic recipient failure messages" ?

Will this feature help to prevent abuse/spamming ??
Send generic recipient failure messages
This option allows you to send the following message to senders who attempt to send an undeliverable message:
The recipient cannot be verified. Please check all recipients of this message to verify they are valid.
 

crazyaboutlinux

Well-Known Member
Nov 3, 2007
939
1
66
Hello,

I have already gone through this url, We have already done the necessary changes

Step 1: Enable WHM's SMTP Restrictions >>> We used CSF SMTP_BLOCK instead
Step 2: Prevent the nobody system user from sending mail >>> it is set to ON
Step 3: Enable suPHP and enable suExec or mod_ruid2 >> We have enabled both suPHP and suExec.
Step 4: Configure the max hourly emails settings >> it is already set to 100, when we got new Server/VPS
Step 5: Configure high failure rate protection >> this is something we don't understand so we have set it to unlimited
Step 6: Add X-PopBeforeSMTP header for mail sent via POP-before-SMTP >> Set to Off
Step 7: Antirelayd : Provides the IMAP/POP before SMTP authentication method. This is not recommended, and should be disabled on modern systems in favor of SMTP authentication >> This has been Disabled (Un-checked)

Still we are facing spamming issue, our server IP's getting blacklisted on various RBLs

Any other suggestions are welcome And We would love to do.
 

Infopro

Well-Known Member
May 20, 2003
17,090
519
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
Well, you'd have to take a closer look at those spam emails and see where they're coming from I think.

Do you have any users forwarding all email off to some other email account for example?


If you're unsure on the path forward, you might consider hiring a professional to assist you with this.
 

crazyaboutlinux

Well-Known Member
Nov 3, 2007
939
1
66
Do you have any users forwarding all email off to some other email account for example?
>> are you talking about Default Address catch-all address ? We won't allow our users to user default address

default's Current Setting: :fail: No Such User Here
also checked SPF & DKIM, that too enabled.

I am really not sure about pat forwarding ??
 

Infopro

Well-Known Member
May 20, 2003
17,090
519
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
You should take a closer look at the mail via Mail Delivery Reports for example, for clues. If you find some clues that points you to a domain on your server, check his forwarders. I like ConfigServer Mail Manage for checking a users forwarders quickly.

If you have a user that forwards all email, not necessarily catch-all email, to some other account off server, and that user gets a lot of spam, say they post their email address all over internet forums and blogs for example, all the spam directed at that users email address, is forwarded. Not checked. And its all coming from your IP.
 

crazyaboutlinux

Well-Known Member
Nov 3, 2007
939
1
66
Can you please tell me what to set Configure high failure rate protection >> current it is unlimited

We have Configured the max hourly emails settings >> it is already set to 100, So how to set/configure high failure rate protection ?
 

Infopro

Well-Known Member
May 20, 2003
17,090
519
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
I don't think there is a perfect setting here. As a Server Administrator you need to know your own system and users. Over time many of these settings should be tweaked to suit your users needs.

If 'Max Hourly Emails' is set to 100, and 'Maximum percentage of failed or deferred messages a domain may send per hour' is set to 25%, then when 25% or, 25 emails are failed or deferred, mail for that domain is temporarily blocked.