Need to Ban a Gmail email address that is spamming accounts on server
I know I can blacklist domains in WHM > Filter Incoming Emails by Domain
BUT I need to ban a specific Gmail email address that is spamming all of the accounts on the server.
There should be an easy way to do this in WHM - please tell me the best and easiest / quickest method to ban individual email addresses globally.
Thanks
-
You'll need to add a block in Exim's configuration "acl_smtp_rcpt" with something like: deny senders = /etc/exim.denysenders.conf and then list the email addresses the spam is coming from in /etc/exim.denysenders.conf If the email is being sent FROM your server (such as via a web form), it will then be bounced back to your server as undeliverable: so somebody is likely to get it anyway... If it is coming from a web form, I would look at blocking the email using rules in Apache mod_security (or using a Captcha type system). 0 -
Thanks, I'll give that a try next time. It's not coming from any web form. Someone has obviously queried the DNS for a domain and has managed to find a "list of domains" on that range and has then proceeded to email them all with cheap spammy rubbish multiple times. A determined spammer. 0 -
If they are all coming from the same spammer farm, it may be worth checking the headers of the email and see if you can filter/firewall off their email servers - it'll be much lower CPU processing on your end (as the firewall can just do a check IP check as opposed to Exim having to fire up, accept some of the email, compare records etc). If they are sending from primarily Nigerian IP addresses (for example) and you have a very low chance of getting business from Nigeria, then block the entire country (or just their ISP etc). Of course, if they are actually sending through Gmail (instead of just spoofing the address) that's not going to work. Feel free to DM me the headers of a couple of the messages and I'll try and suggest suitable rules. 0
Please sign in to leave a comment.
Comments
3 comments