The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Spam in Queue

Discussion in 'General Discussion' started by dynaweb, Nov 5, 2003.

  1. dynaweb

    dynaweb Well-Known Member

    Joined:
    May 14, 2003
    Messages:
    71
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Oregon
    I am currently getting attacked by SPAM email being sent to the main domain on my server. I receive over 1000 messages an hour and they are all being caught by email scanner (good) but they still end up in the mail queue for some reason (bad). If I let it go for a few hours server load rises, exim fails. In a few more hours the server putts out :(

    Therefore, I need to clean our the queue completely every couple hours and it is getting annoying. Is there a way to make these messages NOT go to the mail queue but instead get purged?

    ANY thoughts or comments or questions are welcome.


    Thanks,
    Danno
     
  2. compunet2

    compunet2 Well-Known Member

    Joined:
    Feb 21, 2003
    Messages:
    310
    Likes Received:
    0
    Trophy Points:
    16
    Set the default address for the domain to :blackhole:
     
  3. dynaweb

    dynaweb Well-Known Member

    Joined:
    May 14, 2003
    Messages:
    71
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Oregon
    Thanks for bringing that option to my attention. I see it in the MAIL section of Cpanel X.

    Im sure that will help :)
     
  4. dynaweb

    dynaweb Well-Known Member

    Joined:
    May 14, 2003
    Messages:
    71
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Oregon
    This is still a major problem for me. Come to find out, only a small fraction of these emails are being sent to the domain thats installed on this server. The majority are being sent [something]@[hostname]. Since the hostname is not allowed to be an actual installed domain on the server, I dont know how to control the routing of this SPAM. It is just getting dumped into the queue. I cleaned all mail from the queue last night and this morning there were so many that the server was nearly dead - took 15 minutes to su in SSH.

    So here is the challenge. Server name is like this "master.company.com" and SPAM is being sent to an address like this "something@master.company.com" and since this is the server name and not an actual domain on the server, it is getting sent to queue.
     
  5. jmweb

    jmweb Well-Known Member

    Joined:
    Aug 8, 2003
    Messages:
    77
    Likes Received:
    0
    Trophy Points:
    6
    anyone find a fix?
     
  6. dynaweb

    dynaweb Well-Known Member

    Joined:
    May 14, 2003
    Messages:
    71
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Oregon
    Still no fix found but come to find out that the address something@master.company.com is an address that is generated by FrontPage as the From address in web forms.

    Possible exploit?
     
  7. Tonga

    Tonga Registered

    Joined:
    Nov 22, 2003
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
  8. bear

    bear Well-Known Member

    Joined:
    Sep 24, 2002
    Messages:
    113
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    What do you mean by this? That the domain the hostname is based on is not allowed to be set up in WHM, or the actual sub.domain.tld is not allowed?

    Can you point out where this is explained?
     
  9. dynaweb

    dynaweb Well-Known Member

    Joined:
    May 14, 2003
    Messages:
    71
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Oregon
    quote:
    --------------------------------------------------------------------------------
    Originally posted by dynaweb
    Since the hostname is not allowed to be an actual installed domain on the server,
    --------------------------------------------------------------------------------

    What do you mean by this? That the domain the hostname is based on is not allowed to be set up in WHM, or the actual sub.domain.tld is not allowed?

    Can you point out where this is explained?
    --------------------------------------------------------------------------------

    Yes, I mean that the server host name is master.domain.com whereas domain.com is a domain installed on the server. If you attempt to setup a sub-domain called master.domain.com the system will not allow it. That makes sense since master.domain.com must have certain controls that make it a unique host name and if you were to establish a sub-domain under that same title it would possibly over-ride the host name config or at least confuse it. The reason I thought about this is that there seems to be no email controls for mail coming in through the hostname (something@master.domain.com). I guess I really need to find a way to :blackhole: mail that comes to that address.
     
  10. GOT

    GOT Get Proactive!

    Joined:
    Apr 8, 2003
    Messages:
    900
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Norfolk, VA
    cPanel Access Level:
    DataCenter Provider
Loading...

Share This Page