Spammer sending mails to *@xyz.com

imran_khan

Well-Known Member
Jun 10, 2013
154
1
16
cPanel Access Level
Root Administrator
Hello,

I have two email id’s [email protected] and [email protected] and I observed that, spamming is going on using xyz.com domain from multiple domain.
Spammer sending mails to *@xyz.com, means spammer using any email ids before @xyz.com which email id’s are does not exist.
I cannot block from domains because spammer are using multiple domains. Please suggest me on this, how can I stop spamming?

Also please let me know, How to check [email protected] and [email protected] email id’s are catch all or not?

Thanks,
Imran Khan.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello :)

You can browse to the following option in cPanel:

"cPanel >> Mail >> Default Address"

Choose "Discard with error to sender" to ensure emails sent to non-existing email accounts are bounced to the sender.

Thank you.
 

imran_khan

Well-Known Member
Jun 10, 2013
154
1
16
cPanel Access Level
Root Administrator
Hello,

Thanks for the reply. Checked the setting and found that, “Default Address” is set on “Forward to email address” to [email protected] and abc.com domain’s MX is not pointed to the Cpanel server. This is external domain. Please suggest me on this.

Thanks,
Imran Khan.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Thanks for the reply. Checked the setting and found that, “Default Address” is set on “Forward to email address” to [email protected] and abc.com domain’s MX is not pointed to the Cpanel server. This is external domain. Please suggest me on this.
I advise modifying the default address to:

"Discard with error to sender (at SMTP time)"

This will bounce the messages that are sent to non-existent email addresses instead of forwarding them to an external email address.

Thank you.
 

imran_khan

Well-Known Member
Jun 10, 2013
154
1
16
cPanel Access Level
Root Administrator
Hello,

Mails are not delivered to *@xyz.com. Mails are stuck in mail queue and due this issue my IP is also blacklisted.
Spam mails are not delivered to *@xyz.com so why my IP address is backlisted ? I am also got the email from mail-abuse.org for spamming.

Thanks,
Imran Khan.
 

imran_khan

Well-Known Member
Jun 10, 2013
154
1
16
cPanel Access Level
Root Administrator
Hello,

Domain xyz.com is receiver? so I think it is not responsible for spamming.
I can find out spammer in real time. If someone was sending spam mails yesterday. Please let me know, how can I find out the culprit ?

Thanks,
Imran Khan.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello :)

What is the specific error message you receive when attempting to deliver a message in the mail queue? The following documentation is useful if you want to help prevent email abuse:

cPanel - Preventing Email Abuse

There is no single method to determine who is using your server to send out SPAM. You can check /var/log/exim_mainlog to look for suspicious email activity.

Thank you.
 

imran_khan

Well-Known Member
Jun 10, 2013
154
1
16
cPanel Access Level
Root Administrator
Hello,

I can check the mail header and body using message id which is in mail queue.
Just I want to check the mail header and body of email which is already delivered to recipient .
I can find out the message id from /var/log/exim_mainlog log.

Thanks,
Imran Khan.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
You could try using:

"WHM Home » Email » Mail Delivery Reports"

However, you may need to consult with the remote mail server or black list provider that has added you to their black list to determine the offending message.

Thank you.