Hi everyone someone is sending spam from my server to other email accounts, have found the person and stoped them. Do you think there has been any damage done? Also i did this on tweak setings it says The maximum each domain can send out per hour (0 is unlimited) i set this to 100 does that help with spam? and does that only affect certain accounts or even admin cant send out more then 100? Please let me know, and let me know how to stay safe from spam being sent out. thanks!
Install and use the spamd program to fight against the spam and limit the num of mails sent per hour.
yea i have limited that to 100 per hour, I will look into spamd Thanks! Btw by limiting the number of emails sent per hour will that also limit the admins? let me know thanks!
I assume this is cPanel based server, so yes it limits it server wide, however you can raise the limits per domain by using /var/cpanel/maxemails e.g. tolranet.co.uk=2000 worldsiteindex.com=2000 artweblinks.com=1000 Once you've edited the file run /scripts/build_maxemails_config In the above example tolranet.co.uk and worldsiteindex.com get to send 2000 emails per hour and artweblinks.com is limited to 1000, while the rest of the server is limited to in your case 100 emails. As for any damage just run your IP through the various black lists and see if you're been listed, if you have then you'll need to get yourself back off them. dnsstuff.com helps check.
hey thanks alot for the responce, this is very helpful. Havent been blacklisted so thats good. Lets say if this was to ever happen in the future what are the steps that need to be taken to get off of them? thanks this really helps!
You need to look in to how to block mail relaying from your server. Your mail server may allow mail relaying, which means anyone who knows your server details can use it to send mail from. Speak to your mail host about how to block mail relaying.
Get rid of the spammer then go through the removal process for each list and/or deal with your data centre who may also have had abuse reports and may want an explanation.
Actually yes, Sometimes Yahooo, Hotmail, Gmail etc... I've actually heard that they block certain webmails from certain servers or IP's from being sent to there users, to be taken off the list costs Thousands of dollars unfortunately. If you weren't completely blacklisted you may just had your emails from your server be read as "junk" or "spam" on a lot of the larger email companies and I believe there is a fee to be taken off of that as well.. Good Luck, Alex
Thanks for the reply everyone. tolra lets say i wanted root and nobody to be able to send unlimited emails what would i put? root=0 and nobody=0 ? because i believe 0 is for unlimited. Thanks let me know. And do you think my 100 emails per hour is a good limit to stop spammers or should i raise it or decrease it? Thanks!
Sorry, I didn't get notification of your previous reply. 0 is unlimited. 100 - 200 emails an hour is plenty for most people. /var/cpanel/maxemails works off domain names not account names, I can't think of a way you can trivially work with account names. Are you sure root sends that many email per hour anyway, it's not usual. You could try asking over at cPanel forums, http://forums.cpanel.net