Hello, I am with softlayer for about 2 years, I never faced such a worst situation with them, My server was down for about 8 hours. Actually Softlayer created an abuse ticket but unfortunately I didn't received any email that ticket is created so Softlayer team blocked my Server. According to them emails were sent from now my question is how should I check that using which script/page those emails were sent? And secondly how to overcome this issue i mean I don't want this to be happened again. And secondly no one can stop spammers to use my server email while sending spam emails. Please suggest what to do.
talk to softlayer to set a limit to on how much email from each domain can send each day to stop spam
The fact that they were sent from nobody@ points to php/cgi script. Look into all of your directories with insecure permissions (777) and also, be sure all of your site software is up to date. If you need further assistance, feel free to contact me.
I have softlayer as well - excellent hosting company, but they won't help you to secure your server, nor place limits on your mailserver - that's your job. When I got hacked, they pointed me to a section of their forums where people are available who will secure your server for a fee.
Change your passwords immediately. Lock down your directories with chmod, install .htaccess files on all directories, and restore from a backup to ensure you have only your code present.
If you have cPanel installed on your server, enable option "Prevent the user "nobody" from sending out mail to remote addresses (PHP and CGI scripts generally run as nobody if you are not using PHPSuexec and Suexec respectively.)" from "Tweak Settings". You will require to check email logs for this mass email. If this is not managed server, I suggest you to hire any server management company to secure your server. Kailash
I can help you. Frist, Limit on your mail server, the max email sent by doman for each Hour. For example 100email each hour for each domain. And don't allow to send mail from sendmail with nobody or disable sendmail completly. You can also create a anti-spam for email sent.
limit the sending of mails from your server.and also install x-path script on your server.it will let you know that which domain is sending mails and from which page.so you can kill that script
Do you have any scripts that can send emails, e.g. a contact form? Spammers can be quite crafty and add additional headers into the form field where you enter your email address (by placing newlines to add new email headers). This way, they are sometimes able to send emails to others using your mail server. I'd start off looking into any contact forms you might have.