getting HAMMERED with spam!

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • leo95se
    Junior Member
    • Mar 2006
    • 8

    getting HAMMERED with spam!

    all accounts in all of my domains under cpanel21 have been getting at least 40emails/day of spam, all are the same emails too, and most of which isnt even picked up by outlook junk email any more.

    im sorry if this has been covered, but is there anything i can do?

    thx!
  • AndrewT
    Administrator
    • Mar 2004
    • 3653

    #2
    You can try enabling SpamAssassin via cPanel and adjusting the settings to suit your needs, although SA is far from perfect and spam is a more or less a part of using e-mail these days.

    Comment

    • Frank Hagan
      Senior Member
      • Mar 2004
      • 724

      #3
      Originally posted by leo95se
      all accounts in all of my domains under cpanel21 have been getting at least 40emails/day of spam, all are the same emails too, and most of which isnt even picked up by outlook junk email any more.

      im sorry if this has been covered, but is there anything i can do?

      thx!
      Some of that may be to a user that doesn't exist on the domain, and you can filter those out at least. Go into Cpanel, Email, and select Default Address. There's a box there that has this text above it: "All unrouted mail will be sent to:"

      In that box, put :blackhole: That's a colon, the word "blackhole" and a colon. That will send any mail to "anyuser@yourdomain.com" to the trash before you even see it.

      Comment

      • leo95se
        Junior Member
        • Mar 2006
        • 8

        #4
        thanks for the tips! i had spam assassin set up, but didnt have one of the default addresses as blackhole. lets see if that will help..

        Comment

        • Frank Hagan
          Senior Member
          • Mar 2004
          • 724

          #5
          Originally posted by leo95se
          thanks for the tips! i had spam assassin set up, but didnt have one of the default addresses as blackhole. lets see if that will help..

          Let us know if it seems to reduce the amount of spam.

          I still get hundreds every day.

          Comment

          • leo95se
            Junior Member
            • Mar 2006
            • 8

            #6
            since this morning, only 10, and all into my junk folder!

            i think the trick was setting both default addresses to black hole..

            i noticed in cpanel that there is also an 'approved list' or something? users have to verify before being able to send email to your domain. may be a pain, but maybe worth if things get really out of hand?

            good fix so far though.. thanks!

            Comment

            • sdjl
              Senior Member
              • Mar 2004
              • 502

              #7
              Just a note for anyone that's interested.
              Using :fail: is actually less server intensive.

              When you use :blackhole:, it takes the email into the server, processes it, and then dumps it to /dev/null
              If you use :fail: it stops the email from getting into the server by sending a no user here message. This means there is no processing of the email by the server, thus using less resources.

              David
              -----
              Do you fear the obsolescence of the metanarrative apparatus of legitimation?

              Comment

              • AndrewT
                Administrator
                • Mar 2004
                • 3653

                #8
                Actually, sending a bounce message is much more of a problem if you're receiving a lot of e-mail. /dev/null is by far your best bet.

                Comment

                • sdjl
                  Senior Member
                  • Mar 2004
                  • 502

                  #9
                  Ok, here are the reasons for using :fail: from a sys admin point of view..



                  Notice one of the reasons to use just :fail:

                  "Your server does not send a bounce message (just the DENY command)"

                  David
                  -----
                  Do you fear the obsolescence of the metanarrative apparatus of legitimation?

                  Comment

                  • leo95se
                    Junior Member
                    • Mar 2006
                    • 8

                    #10
                    interesting.. ill try fail too. but either way, still working strong!

                    Comment

                    • AndrewT
                      Administrator
                      • Mar 2004
                      • 3653

                      #11
                      That's assuming you do not set the bounce message. Which of course, most users do without thinking, and it generally makes the problems much, much worse.

                      Comment

                      • Pedja
                        Senior Member
                        • Mar 2004
                        • 329

                        #12
                        My experience is, you cannot prevent Dathorn server to receive email. It will receive and then decide what to do with it (dump, reject, or else). It will not refuse email during smtp connection itself.

                        Comment

                        • sdjl
                          Senior Member
                          • Mar 2004
                          • 502

                          #13
                          Originally posted by Pedja
                          It will not refuse email during smtp connection itself.
                          It will if you set it up correctly, which is easy enough to do.

                          David
                          -----
                          Do you fear the obsolescence of the metanarrative apparatus of legitimation?

                          Comment

                          • Pedja
                            Senior Member
                            • Mar 2004
                            • 329

                            #14
                            I tried :fail:, :blackhole: and /dev/null, and when I send email to address blocked in any of these three methods, Dathorn mail server receives whole mail. Link you gave here explains that :fail: does stop pop3 session, and does not receive email. That woluld be nice if it works that way, but my test showed opposite.

                            I talked about this with Andrew, and he confirmed that it is not possible that Dathorn mail server rejects mail before it receives it.

                            Because of that, I had to set MX record for one of the domans to different server, and handle mail separate from DAthorn, since domain was attacked by far too much spam and there was no way to stop pop3 sessions on Dathorn.

                            I will try to test all this again. Maybe updated Cpanel now works as expected on this manner.

                            Comment

                            • sdjl
                              Senior Member
                              • Mar 2004
                              • 502

                              #15
                              That's a weird setup then.
                              If i try and send an email to a non-existant email address on one of my accounts on my VPS my mail client pops up an error disallowing me from sending it.

                              David
                              -----
                              Do you fear the obsolescence of the metanarrative apparatus of legitimation?

                              Comment

                              Working...