Results 1 to 4 of 4

Thread: Server highjacked by spammer?

  1. #1
    Junior Member Newbie
    Join Date
    Jun 2010
    Posts
    6

    Default Server highjacked by spammer?

    My server is getting blacklisted as being a source of spam. Are there any guidelines for tracking down what happened and how to prevent it from reoccurring?

  2. #2
    Moderator Newbie
    Join Date
    Dec 2010
    Location
    Rohnert Park, CA
    Posts
    54

    Default

    Hi Mike. I'd start by checking the apache logs and see if you have a website that's insecure and passing email traffic. Then I'd check your mail server logs next to see if you're relaying. Is all your software up to date?

  3. #3
    Junior Member Newbie
    Join Date
    Jun 2010
    Posts
    6

    Default

    I don't see anything in the logs, but there's a lot of data to look at and I could have missed something.

    I don't know why, but mailradar DOT com/openrelay/ is showing relaying is allowed, and it never used to be. I have antirelayd enabled, according to WHM, so I thought that would cover it. What else should I do?

    As far as software updates are concerned, I am getting a message from WHM that it couldn't update because the OS is out of date. I set preferences to the oldest release listed as a short-term workaround, but I'm not sure what the process is to get the OS updated.

  4. #4
    Moderator Newbie
    Join Date
    Dec 2010
    Location
    Rohnert Park, CA
    Posts
    54

    Default

    What blacklists are you getting listed on? Can you PM me your server IP?

    You may need to call support or open a trouble ticket to have them take a closer look at your set-up. Especially to get your OS upgraded. I'd make a backup of your server before upgrading.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •