Feb 2, 2007

How can we track spam that is generated locally on the server and how do we counter it?

Are there any scripts that will guard against spam and list out the spammers to a txt file? Is there any script that will work to prevent a load spike if there is load on exim due to a certain user and list it to some file?


Mar 13, 2004
Some quick tips for preventing outgoing spam:

Use the new configserver firewall CSF - it detects outgoing spam and will warn you via email:

Use phpsuexec and set the "tweak settings" setting to only allow 250 emails per hour per domain. If a legitimate domain needs more you can raise it in /var/cpanel/maxemails to whatever limit is more reasonable. (this is how you limit load due to an active local spammer)

Disallow outgoing connections to external SMTP servers. This prevents scripts bypassing the above limits in exim. This is done by CSF by default; you could do it with the older APF but it required fiddling.

Use mod_security to trap attempts to break into PHP contact scripts - hijacking contact scripts is a common source of outgoing spam. Develop a simple include script or similar that you can easily add in (via an include line) to vulnerable PHP contact scripts.

Sign up to the AOL "feedback loops" so you get notifications if servers under your control start sending spam. You'll get a truckload of notifications if anything slips under the net, but it's better to know than not!

Feb 25, 2005

We are having similar trouble.
AOL are sending hundreds of the SCOMP mails a day to us notifying that spam has been sent.

The headers are not showing anything useful to trace the user account the messages are coming from.

Can anyone help us to trace the account?
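
One way to approach the tracing question from the exim main log, as an added example that is not part of the original thread: it counts locally submitted messages per account per hour against the 250-per-hour figure mentioned above, and tallies the working directories of scripts that invoked sendmail. The log lines are constructed; the `U=`, `P=local` and `cwd=` fields are standard exim main-log output, the `cwd=` lines assume the `arguments` log selector is enabled, and the function names are illustrative.

```python
import re
from collections import Counter

HOURLY_LIMIT = 250  # the hourly figure quoted in the thread
# Arrival line for a locally submitted message (constructed example):
# 2007-02-02 10:15:01 1HCaaa-000001-2C <= alice@host.example U=alice P=local S=812
ARRIVAL = re.compile(
    r"^(\d{4}-\d{2}-\d{2}) (\d{2}):\d{2}:\d{2} \S+ <= \S+ .*?\bU=(\S+) P=local\b")
# Line exim logs when run from the command line (e.g. as sendmail); it records
# the caller's working directory. Assumes the "arguments" log selector is on.
CWD = re.compile(r"^\S+ \S+ cwd=(/\S+) \d+ args: ")

def local_senders(lines):
    """Count local submissions per (user, hour) and per calling directory."""
    per_hour, dirs = Counter(), Counter()
    for line in lines:
        m = ARRIVAL.match(line)
        if m:
            day, hour, user = m.groups()
            per_hour[(user, f"{day} {hour}:00")] += 1
            continue
        m = CWD.match(line)
        # exim's own queue runners log cwd=/var/spool/exim; skip those
        if m and not m.group(1).startswith("/var/spool/"):
            dirs[m.group(1)] += 1
    return per_hour, dirs

def over_limit(per_hour, limit=HOURLY_LIMIT):
    """Return (user, hour, count) rows above the limit, busiest first."""
    rows = [(u, h, n) for (u, h), n in per_hour.items() if n > limit]
    return sorted(rows, key=lambda r: -r[2])

def sample_log():
    """Constructed log: alice's contact script sends 300 messages in one hour."""
    out = ["2007-02-02 10:20:00 cwd=/var/spool/exim 2 args: /usr/sbin/exim -q",
           "2007-02-02 10:21:07 1HCbbb-000001-2C <= bob@host.example U=bob P=local S=640",
           "2007-02-02 10:22:09 1HCccc-000001-2C <= x@remote.example "
           "H=mx.remote.example [192.0.2.7] P=esmtp S=900"]
    for i in range(300):
        ts = f"2007-02-02 10:{i // 5:02d}:{i % 5:02d}"
        out.append(f"{ts} cwd=/home/alice/public_html/contact 3 args: /usr/sbin/sendmail -t -i")
        out.append(f"{ts} 1HCaaa-{i:06d}-2C <= alice@host.example U=alice P=local S=812")
    return out

if __name__ == "__main__":
    per_hour, dirs = local_senders(sample_log())
    for user, hour, n in over_limit(per_hour):
        print(f"{hour} {user}: {n} local messages")
    print(dirs.most_common(3))
```

Where PHP does not run as the account owner (no phpsuexec), `U=` shows the web server user instead, and the `cwd=` tally is what points at the account.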