spam emails sent from my server. HELP URGENT plz

Hi guys,

I realised that there's so many spam emails sent out from my dedicated server. I know this because in every seconds, i saw more than 10 emails sent out.

Can someone help to fix this please.

 

to find someone able to help you - you may have to give full details about your server - like
OS Linux or ?
mail SW ( postfix, sendmail or what ?)

meanwhile - since you have a dedicated server, i assume you also love to learn how to run a dedicated server, hence if for example postfix is your mailer, then below would be the page to study and apply properly:
http://www.postfix.org/postconf.5.html
and until you have all ail secured
in pfx an option BBC to get a copy of each mail is an easy control to see what is going thru the server

but if you have OTHER OS/mailer .... ??

 

if you dont want e-mails to be send from your server just kill the process
ps -x
then kill PID

 

thats a one time solution but no permanent solution.

permanent solution is to secure the mail agent to make it impossible for mail abuse and relay at all and leave it open for owner of domain only
i have done so with my server and postfix

 

hi guys,

really appreciate your input. First of all, it's running on linux and the mail server is Exim_mainlog . Second, i'm not very proficient in running linux and my dedicated server but for sure i'm very very interested to learn more in order to make sure my server is running properly.

Finally, problem still persist today and i'm sure someone really has a control on my mail server and i really need some guidance.

Cheer,
Toby

 

I am totally unfamiliar with Exim
but you have to do some testing and if all goes wrong study / google until you find your self created hole

first do some "Mail relay testing" to see if your mail server is open for OTHERS to send / relay mails thru your SMTP server

http://www.abuse.net/relay.html

the key point you have to look for is to assure that NO one but you can send mail thru your server - hence to authenticate SMTP access and to limit SMTP access only to you.

normally above test - if failing - shows some help links

then
you also may setup a proper SPF record to make sure YOUR domain name / mail server - IP stays free of spam blacklists. this part has to do with your name server configuration.

you may have to hurry a bit - because repeated abuse may lead to you being blacklisted and since it is actually your server - there will be no way to get OFF a blacklist - at least for a while!!

these situations are cause for a few 24 hrs shifts - i had to go thru same a year ago. its part of owning a dedicated server - responsibility and liability is the shadow side of increased power.

TIP:

google for:

exim relay disable

and look thru the solutions offered - you also need to KNOW / consider your exact Exim version !!!

if you have no knowledge about server security - you may rest sleepless until you have knowingly secured your server in all aspects. to better motivate your learning curve - on a global level each server gets about 1 hacker attack per day
just check your error logs etc to see how many try or succeed - then do all the security stuff needed like server key login / disable password login etc
you find most of the answers in earlier posts HERE in DP forum ( and also some solutions in my blog categories as well ).
good luck

 

thanks once again hans! appreciate that and thanks for the encouragement. I will figure it out.

by the way, i got PM from matrafox and he suggested:

1. exim -bp
2. exim -Mvh id_of_mail (1IiZWi-0000qr-Vg) example

It works pretty well. When i do that i realised it's not my server who sent out email it is a spam people trying to DOS to my server.

cheer.

 

Allow mail based on IP is the best way. Beyond that, lock it so they need to have the proper domain name in the from: address.
SMTP-AUTH also helps.

 

xmcp.

how can i allow mail ONLy based on IP?

 

I wish I could help you, but use smtp software I wrote myself. But pretty much ALL software has that option.

 

Do you have a control panel?