Skip to main content

Something is sending spam emails from random generated emails @mydomain

Graphilip
Hi guys, I'm quite new to WHM, i've upgraded a few months ago from shared hosting to unmanaged vps, and today i've got an email from my webhosting provider stating "We have received a spam report regarding your server with us and we need you to investigate it and fix the problem in question." unfortunatley it's an "unmanaged" vps, so i wont get significant help from the webhosting company, and i thought i try here too, maybe you could give me some guidance on how to fix this. Here is a print screen of the Mail delivery reports in WHM: /http://puu.sh/aO2el/9f64cad2dd.png (they are about 42 pages only for August 11th) thank you in advance for any infos, Filip

Comments

5 comments

Date Votes
  • Infopro
    In your cPanel for this account, Mail section, Default Address, what are your settings here? Documentation for this is available here: Default Address - cPanel Documentation Preferred option should be: Discard with error to sender (at SMTP time) No Such User here
    0
  • Graphilip
    Hi, right now, after browsing the forum, i've set the default adress like this: /http://puu.sh/aO6X9/32898c0688.png and also enabled SMTP Restrictions. Now, after all that, in the email delivery reports i have something like this: /http://puu.sh/aO7aE/b3f254419a.png (still trying but not succeeding i think)
    0
  • cPanelMichael
    Please refrain from linking images from external websites. Instead, attach the images directly to your post. The following document is a good place to get started when attempting to prevent SPAM: cPanel - Prevent Email Abuse Thank you.
    0
  • Graphilip
    Hi, thank you for your reply, and im sorry for the inconvenience, from the "Prevent Email Abuse" page i've done the followings: - Enable SMTP Restrictions - Restrict the nobody system user's send mail permissions - Configure high failure rate protection and this is what i have now in the "Mail Delivery Reports": .vB every minute, between 4 and 10-12 (unsuccesful) tryouts.
    0
  • cPanelMichael
    You will need to review the message headers from those messages, determine the source of the message, and delete the script or suspend the offending account. Thank you.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post