Server hijacked by spammer?
My server is getting blacklisted as being a source of spam. Are there any guidelines for tracking down what happened and how to prevent it from reoccurring?
Hi Mike. I'd start by checking the Apache logs to see if you have a website that's insecure and passing email traffic. Then I'd check your mail server logs next to see if you're relaying. Is all your software up to date?
I don't see anything in the logs, but there's a lot of data to look at and I could have missed something.
I don't know why, but mailradar DOT com/openrelay/ is showing relaying is allowed, and it never used to be. I have antirelayd enabled, according to WHM, so I thought that would cover it. What else should I do?
As far as software updates are concerned, I am getting a message from WHM that it couldn't update because the OS is out of date. I set preferences to the oldest release listed as a short-term workaround, but I'm not sure what the process is to get the OS updated.
What blacklists are you getting listed on? Can you PM me your server IP?
You may need to call support or open a trouble ticket to have them take a closer look at your set-up, especially to get your OS upgraded. I'd make a backup of your server before upgrading.
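An added example, not part of any post in this thread, of the mail-log check suggested above: it sorts outbound mail into messages injected by local web scripts, messages sent with an authenticated login, and messages accepted from an unauthenticated remote host and then delivered off-server (the relaying case). It assumes the MTA is Exim with `cwd=` argument logging enabled; the log lines, addresses and the `triage` function name are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in Exim main-log style (assumed MTA; not from the thread).
SAMPLE_LOG = """\
2024-05-01 10:00:01 cwd=/home/site1/public_html/wp-content/uploads 3 args: /usr/sbin/sendmail -t -i
2024-05-01 10:00:01 1s0aaa-0001-AA <= site1@host.example.com U=site1 P=local S=812
2024-05-01 10:00:02 cwd=/home/site1/public_html/wp-content/uploads 3 args: /usr/sbin/sendmail -t -i
2024-05-01 10:00:02 1s0aab-0001-AA <= site1@host.example.com U=site1 P=local S=815
2024-05-01 10:00:05 1s0aac-0001-AA <= bob@example.com H=(pc) [203.0.113.7]:50412 P=esmtpsa A=dovecot_login:bob@example.com S=2301
2024-05-01 10:00:09 1s0aad-0001-AA <= x@spam.example H=(mx) [198.51.100.9]:4411 P=esmtp S=990
2024-05-01 10:00:09 1s0aad-0001-AA => someone@remote.example R=lookuphost T=remote_smtp H=mx.remote.example [192.0.2.25]
2024-05-01 10:00:11 1s0aae-0001-AA <= y@other.example H=(mx2) [198.51.100.10]:4412 P=esmtp S=700
2024-05-01 10:00:11 1s0aae-0001-AA => mike <mike@host.example.com> R=localuser T=local_delivery
"""

CWD = re.compile(r" cwd=(\S+) \d+ args: ")           # directory a local script ran from
ARRIVAL = re.compile(r"^\S+ \S+ (\S+) <= (.*)$")     # message accepted by the server
AUTH = re.compile(r" A=\w+:(\S+)")                   # SMTP AUTH login used
HOST = re.compile(r" \[([0-9a-fA-F.:]+)\]")          # connecting IP address
DELIVERY = re.compile(r"^\S+ \S+ (\S+) [=-]> ")      # message delivered onward

def triage(log_text):
    """Count mail by origin: local script dir, AUTH login, or unauthenticated relay."""
    scripts, logins, relayed = Counter(), Counter(), Counter()
    unauth = {}  # message id -> source IP of unauthenticated SMTP arrivals
    for line in log_text.splitlines():
        m = CWD.search(line)
        if m and "sendmail" in line:
            scripts[m.group(1)] += 1
            continue
        m = ARRIVAL.search(line)
        if m:
            msg_id, rest = m.groups()
            auth, host = AUTH.search(rest), HOST.search(rest)
            if auth:
                logins[auth.group(1)] += 1
            elif host and "P=local" not in rest:
                unauth[msg_id] = host.group(1)
            continue
        m = DELIVERY.search(line)
        # Unauthenticated arrival that leaves via remote SMTP means the server relayed it.
        if m and m.group(1) in unauth and "T=remote_smtp" in line:
            relayed[unauth[m.group(1)]] += 1
    return {"scripts": scripts, "logins": logins, "relayed": relayed}

if __name__ == "__main__":
    for origin, counts in triage(SAMPLE_LOG).items():
        print(origin, counts.most_common(5))
```

On a cPanel/WHM host the Exim main log is normally `/var/log/exim_mainlog`; pass its contents to `triage` in place of the sample. A high count under `scripts` points at a compromised site, under `logins` at a stolen mailbox password, and under `relayed` at an open relay.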