The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Spam going to main login at servername

Discussion in 'General Discussion' started by Jeff75, Jun 25, 2006.

  1. Jeff75

    Jeff75 Well-Known Member

    Joined:
    Apr 11, 2003
    Messages:
    555
    Likes Received:
    0
    Trophy Points:
    16
  2. ramprage

    ramprage Well-Known Member

    Joined:
    Jul 21, 2002
    Messages:
    667
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Canada
    Change the default address to fail.
     
  3. Jeff75

    Jeff75 Well-Known Member

    Joined:
    Apr 11, 2003
    Messages:
    555
    Likes Received:
    0
    Trophy Points:
    16
    Can you tell me how to go about doing this? I can't find it anywhere in cPanel.
     
  4. freedog96150

    freedog96150 Well-Known Member

    Joined:
    Mar 25, 2005
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Nevada, USA
    First, go to WHM -> Tweak Settings -> Mail and set the following line: "Default catch-all/default address behavior for new accounts" to FAIL. This will assure that any newly created accounts will default to fail.

    Next is to change the existing default address. From cPanel, the only way that I know of is to go into the individual account via WHM -> List Accounts and click on the cPanel icon next to the name of the individual domain. Once in the domains cPanel, go Mail -> Default Address and change that to :Fail:

    A better method is to ssh into the server and change to the /etc/valiases directory. From there you can vi (or use your favorite editor) the file for the domain in question and change the line for the default behavior to ":Fail:" from whatever is there now. Make sure to save your changes.

    This topic has been discussed on the forums so searching should give you a ton more information.
     
  5. Jeff75

    Jeff75 Well-Known Member

    Joined:
    Apr 11, 2003
    Messages:
    555
    Likes Received:
    0
    Trophy Points:
    16
    I followed your instructions but the user has still received over 400 emails to hislogin@servername.domain.com. Any idea what else needs to be done??
     
  6. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    log into the affected account's cpanel and insure that the default address indeed says :Fail:
    and make sure the user did not set up pop 3 account with the default username

    if its all ok

    check this file

    /etc/valiases/domain.com

    and make sure there is not some extra garbage in there prevent fail from working

    it should look like this

    *: :fail: no such address here


    if there are forwarders & mailmain in the account
    they will have entries as well
     
  7. Jeff75

    Jeff75 Well-Known Member

    Joined:
    Apr 11, 2003
    Messages:
    555
    Likes Received:
    0
    Trophy Points:
    16
    I checked and there's no POP3 account or mailing list for it. Should I add this to the valiases file? * was already listed and didn't appear to be working

    defaultlogin@domain: :fail: no such address here
     
  8. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    AHH is see what the spammer scum is doing

    they are sending it directly to hismainlogin@servername.mysite.com

    the esiest way to cure would be to change the username of the account

    as the way exim/cpanel work username@servername is automaticly accepted ( Im sure you could filter it out using a exim ACL but I would have to research it more)
     
Loading...

Share This Page