Spamhaus Problem

Bashed

Bashed

Well-Known Member
Dec 18, 2013
146
4
68
cPanel Access Level
Root Administrator
Spamhaus has blacklisted a /24 of mine that has a few dozen different clients. I have asked them to show me proof of evidence of spam and explained there are several different long term clients on self managed VPS servers.

This is the response I get in return from Mike Anderson at Spamhaus after telling him that there's at least 20+ clients on one /24 subnet and SH has not provided anything for me to trace by:

Which user is using the IPs xxxx.xxx.32.49 and xxx.xxx.32.236 and most of the ones in between? That's the spammer.
Click to expand...
Anyone else think this is ridiculous? How is a host supposed to trace a spammer in this situation when there's at least 20+ customers all on virtual servers and none of them are even new signups?
 
cPRex

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
14,381
2,253
363
cPanel Access Level
Root Administrator
Hey there! It would be nice if they provided some more details, especially when blacklisting a range of IPs like that. The subject line or sender would definitely be helpful to narrow that down.

While you may be familiar with these already, these articles share tools for tracking down spammers:

support.cpanel.net

Tracking down compromised files that are sending mail.

Introduction This is a brief overview of how you can track down an account that has been compromised and sending spam on your server. Files will often be created in base64 when accounts are comp...
support.cpanel.net support.cpanel.net
support.cpanel.net

How to find the source of spam emails

Introduction In this article, we will be exploring means to determine how spam emails were sent from your server. This is meant to guide you in the right direction in which a further, more in-dep...
support.cpanel.net support.cpanel.net
support.cpanel.net

How to Find the Source of a Large Amount of Email

Introduction In this article, we will be exploring a means to determine what email accounts are sending a large number of emails. This is meant to guide you in the right direction. A further, more ...
support.cpanel.net support.cpanel.net

I would have also replied to Spamhaus asking for more specifics, since they decided to block that range of IPs.

It's also worthwhile to make sure that "Restrict outgoing SMTP to root, exim, and mailman (FKA SMTP Tweak)" is set to "On" in WHM >> Tweak Settings to help prevent automated or compromised scripts from sending messages.
 
Bashed

Bashed

Well-Known Member
Dec 18, 2013
146
4
68
cPanel Access Level
Root Administrator
cPRex said:
I would have also replied to Spamhaus asking for more specifics, since they decided to block that range of IPs.
Click to expand...
Did you even read my OP at all? I made it clear I asked him for details and the response I got was ridiculous.

cPRex said:
Hey there! It would be nice if they provided some more details, especially when blacklisting a range of IPs like that. The subject line or sender would definitely be helpful to narrow that down.
Click to expand...
I'm guessing you're just trolling. Subject line of what when I have no details even after asking SH for details?
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
L In Progress CPANEL-42290 - Incorrect handling of zen.spamhaus.org Email 3
mlopez Email delivery problem with SpamHaus Email 24
U Gmail spamhaus issues Email 4
B How can I delete spamhaus RBL? Email 2
E Do your recommend enable or disable of EXIM config "bl.spamcop.net" and "zen.spamhaus.org" RBLs? Email 6
Similar threads
In Progress CPANEL-42290 - Incorrect handling of zen.spamhaus.org
Email delivery problem with SpamHaus
Gmail spamhaus issues
How can I delete spamhaus RBL?
Do your recommend enable or disable of EXIM config "bl.spamcop.net" and "zen.spamhaus.org" RBLs?
Top Bottom