The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Someone using my server to spam

Discussion in 'General Discussion' started by ramagea, Feb 7, 2006.

  1. ramagea

    ramagea Member

    Joined:
    Aug 10, 2004
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    My server is being used to send out thousands of emails a day, I keep getting returned emails to the admins email address, I get about 2-3 thousand a day of returned ones. Is there any way I can stop this? Im not sure how they are doing it. My server allows nobody to send emails. Is there anything in cpanel that can scan for this sort of thing or is there any settings that I could changet that would make it more secure?

    Any help would be greatly welcomed.

    Thanks

    Al
     
  2. david510

    david510 Well-Known Member

    Joined:
    Aug 22, 2004
    Messages:
    473
    Likes Received:
    0
    Trophy Points:
    16
    check the repeted IPs in the exim_mainlog nad block those IPs that are repeated in huge number.
     
  3. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    You need to find the culprit. Most likely a bad/insecure cgi/php script. You need a program that will track down these bad/insecure scripts, then you can either suspend or delete them. We have our own program. I suggest you clean up and secure your server. This is a common issue these days and has been discussed in several threads.
     
  4. oderland

    oderland Well-Known Member
    PartnerNOC

    Joined:
    Dec 30, 2002
    Messages:
    103
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Kungsbacka, Sweden
    I have seen that too on our servers, the worst thing is that I track it down to some of the new installations of oscommerce, wcmsphp and so on. Tried some og the mod_sec rules but they are not stoping those at all
     
  5. ramagea

    ramagea Member

    Joined:
    Aug 10, 2004
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Do you have any suggestions for any software that may do this for us?

    Also does anyone know how to block ips on fedora?
     
  6. abubin

    abubin Well-Known Member

    Joined:
    Dec 7, 2004
    Messages:
    393
    Likes Received:
    1
    Trophy Points:
    18
    look in your cpanel, there is an option called ipdeny manager. It can block ips or domain.
     
Loading...

Share This Page