Someone Sending Spam Over My Server localrelay

dortgendizayn

• November 04, 2014 14:13

Hello, for example my main domain is root.domain.com i can access whm root.domain.com:2086 and there are users like user1, user2, user3 i've installed csf but i want to block local relay, and open mail auth because server sending spam mails above user1@root.domain.com and there isn't an email like this probably its a way for local email. so there are lots of mails in queue on my mail server and user1@root.domain.com traying to send spam mail lots of people. how to block this email sending ? it doesn't needed i can turn of completly localmail sending only domains can be send with auth its enough.

• 

  cPanelMichael

  • November 04, 2014 19:26

  Hello :) Have you checked to verify that it's not a PHP script installed on that account being used to send email? What do you see in the message headers of the SPAM messages? Also, the following document is worth checking out: cPanel - Prevent Email Abuse Thank you.

  0
• 

  dortgendizayn

  • November 04, 2014 19:36

  Yes i did most of things that link you've shared , by the way mails not delivered right now spam mails in queue or frozen. how can i block user1@root.domain.biz to sending email? also i haven't opened an email like this and there is no way to reach inbox.

  0
• 

  dortgendizayn

  • November 04, 2014 19:39

  Date: Tue, 04 Nov 2014 22:34:26 +0200 From: user1@root.domain.com To: multiple emails here - Removed - Subject: Coagulated albumin: No liquefaction. Message-Id: Received: from user1 by root.domain.com with local (Exim 4.82) (envelope-from ) id 1Xlko6-0000WW-1Q; Tue, 04 Nov 2014 22:34:26 +0200

  0
• 

  cPanelMichael

  • November 05, 2014 14:07

  That looks like part of the message, but not the message header. Are you able to view the header of a message in the queue? Did you review the account's home directory and below to see if any scripts have the ability to send out email? Thank you.

  0
• 

  dortgendizayn

  • November 21, 2014 09:41

  Okay its related php mail() funciton is enabled. When i disabled mail() function for php it worked.

  0
• 

  cPanelMichael

  • November 21, 2014 17:33

  ]Okay its related php mail() funciton is enabled. When i disabled mail() function for php it worked.

  
  Keep in mind that will disable the ability for any PHP script on your server to use the "mail" function. Thank you.

  0

Please sign in to leave a comment.