Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Spam with local [Reply-To:] user

Discussion in 'General Discussion' started by vla, Dec 18, 2004.

  1. vla

    vla Member

    Jun 19, 2004
    Likes Received:
    Trophy Points:
    I started getting thousands of messages for an email account on one of our clients.
    After going through some MSGs and the Exim Logs I have noticed that the emails have the Reply-To header set to that speciafic account, however none of this email was sent through the clients' mailserver.

    Any help on coping with this issue is highly appreciated.

    Thank you all in advance.
  2. dezignguy

    dezignguy Well-Known Member

    Sep 26, 2004
    Likes Received:
    Trophy Points:
    It sounds like a spammer is using your address as a spoofed address in their spamrun... so you get the bounces, angry messages from clueless users, etc. There's not much you can do to stop it though... the best way to at least not see the messages would be to get a spam filter going. You may be able to configure exim to reject the messages that match a certain string if the spams that you're getting contain similar content. Oh, and publish SPF records so that others can see the emails are fakes and reject them...
  3. bijo

    bijo Well-Known Member

    Aug 21, 2004
    Likes Received:
    Trophy Points:

    you should enable this option in whm

    Main >> Server Setup >> Tweak Settings >> Mail

    Prevent the user 'nobody' from sending out mail to remote addresses (php and cgi scripts generally run as nobody if you are not using phpsuexec and suexec respectively.)

    Silently Discard all FormMail-clone requests with a bcc:

    It will help to solve your problem. If it willn't solve your problem please go to this link.

    JONATHAN Did a great replay there.
    or go to

    It is very effective to block spamming
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice