Fake Mail With Hostname
Fake emails are being sent from my system with a fake name like fiuzz@hostname.com. The cPanel username fiuzz is not available. Please help me: which cPanel account is sending mails like this?
I'm getting abuse complaints from datacenter.
This is a Comcast Abuse Report for an email message received from domain u5.creemhost.com, IP 254.263.627, on Fri, 26 Nov 2021 06:24:37 +0000.
Feedback-Type: abuse
Version: 1
Reported-Domain: myhostname.com
Source: Comcast
Abuse-Type: complaint
Subscription-Link: Feedback Loop Service
User-Agent: ReturnPathFBL/2.0
Arrival-Date: Fri, 26 Nov 2021 06:24:37 +0000
Original-Rcpt-To: 31e06c7f587f03cb8386cc8fedaecaf5@comcast.net
Original-Rcpt-To: 31e06c7f587f03cb8386cc8fedaecaf5@comcast.net
Original-Mail-From: fiuzz@myhostname.com
Source-Ip: my serverIP
You should find those mails logged in the Exim log /var/log/exim_mainlog. For example:
grep "fiuzz@myhostname.com" /var/log/exim_mainlog
After running this command there is no output:
[root@u5 ~]# grep "fiuzz@myrealhostname.com" /var/log/exim_mainlog
[root@u5 ~]#
You can search through the graphical view in WHM: Home » Email » Mail Delivery Reports

fiuzz@hostname.com - sender / from address

** Due to defects, you can only search for the last 10 days.

Once you have the ID [1myL1u-0001U7-IT] of some mail, you can perform the search as mentioned before in /var/log/exim_mainlog.

That will give you the necessary data to detect how the sending is being carried out: whether it is through an email account and they are modifying the headers, whether they are using a script for this delivery, or whether they are doing it through a compromised CMS.

*** notes ***
You can currently set sending limits per hour in all and verify which account crosses the limit and why, and whether they are valid emails or not; this can help you in detecting spam.

** important **
- Mailman is not restricted by these limits.
- Shipments made directly by the cPanel user are not restricted either.

The following configuration can also help you detect possible spammers on your server:
Home » Server Configuration » Tweak Settings » Mail
Number of unique recipients per hour to trigger potential spammer notification
Modify the number as you see fit.

I hope I've helped.
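The log tracing described in the replies above, as an added example that is not part of the original thread: it reads Exim main-log lines, keeps the accepted-message (`<=`) entries for one envelope sender, and reports whether each was submitted locally by a system user (`U=` with `P=local`), over authenticated SMTP (`A=`), or over unauthenticated SMTP. It assumes Exim's default log layout; the function names, the method labels and every sample log line are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumes Exim's default main-log layout for accepted mail:
#   DATE TIME [pid] MSGID <= SENDER field=value ...

# exim_trace_sender SENDER [LOGFILE]   (reads stdin when LOGFILE is omitted)
# Prints "MSGID METHOD ACCOUNT" for each message accepted from SENDER.
exim_trace_sender() {
    awk -v sender="$1" '
    {
        k = 0
        for (i = 1; i <= NF; i++) if ($i == "<=") { k = i; break }
        if (k < 2 || $(k + 1) != sender) next
        user = ""; auth = ""; proto = ""; peer = ""
        for (i = k + 2; i <= NF; i++) {
            if ($i ~ /^T=/) break          # subject is free text: stop parsing
            if ($i ~ /^U=/) user = substr($i, 3)
            else if ($i ~ /^A=/) auth = substr($i, 3)
            else if ($i ~ /^P=/) proto = substr($i, 3)
            else if ($i ~ /^\[/ && peer == "") peer = $i
        }
        if (auth != "") {
            sub(/^[^:]*:/, "", auth)       # drop authenticator name, keep login
            print $(k - 1), "smtp-auth", auth
        } else if (proto == "local" && user != "") {
            print $(k - 1), "local-submission", user
        } else {
            print $(k - 1), "unauthenticated-smtp", (peer == "" ? "-" : peer)
        }
    }' "${2:--}"
}

# Constructed sample lines. Only the sender address and the message id
# 1myL1u-0001U7-IT come from the thread; accounts, hosts and IPs are made up.
sample_log() {
    cat <<'EOF'
2021-11-26 06:24:30 1myL1u-0001U7-IT <= fiuzz@myhostname.com U=exampleuser P=local S=1843 T="U=fake A=x:y" for someone@example.net
2021-11-26 06:24:31 1myL1u-0001U7-IT => someone@example.net R=dkim_lookuphost T=dkim_remote_smtp H=mx.example.net [198.51.100.9]
2021-11-26 06:25:02 1myL2A-0001Vb-Kq <= fiuzz@myhostname.com H=(pc) [203.0.113.7]:51234 P=esmtpsa A=dovecot_login:info@example.org S=2011 for someone@example.net
2021-11-26 06:25:40 1myL2m-0001Wx-3F <= other@example.org U=otheruser P=local S=900 for someone@example.net
2021-11-26 06:26:10 1myL3B-0001Xz-9P <= fiuzz@myhostname.com H=localhost (localhost) [127.0.0.1]:40112 P=esmtp S=1500 for someone@example.net
EOF
}

sample_log | exim_trace_sender "fiuzz@myhostname.com"
```

On a live server the second argument would be /var/log/exim_mainlog; rotated logs have to be decompressed and piped in separately.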