Search results

Be aware if it's Plesk, because that has the same owner as CP, so price raises are to be expected. ;)

I wouldn't like that to remove it completely. Admin and reseller changable is a must imho. It's not that difficult currently, the popup shows the default option which they can and will easily choose. Except for the exceptions ofcourse. In the old days we also did not have many users wanting...

They are getting more. Today a customer of mine also received 6 spam mails from that yinoce.com group. So now I blocked that domain and for the time being I also blocked google groups.

Good choice. Earlier on Debian used /var/log/syslog and then one could just change /var/log/messages to /var/log/syslog in the csf.conf file and restart csf and lfd and things were fine. However since Debian 12, the Syslog is replaced by journalctl. Seems the Debian devs forgot that some...

Try via a ticket or reopen ticket if you have one. Sometimes they close automatically after a couple of days.

Best is to ask your how for support. This forum is intended only for support to Directadmin license holders, so admins and resellers, not hosting customers. Also reason for this is that your host can change the configuration settings. Seems what you did was correct. Not the fastdirectadmin.com...

I report -every- spam mail I get this way via Spamcop, they all go to Google abuse too. So if they get enough complaints maybe they will thing about some better security for adding 3rd party mail addresses to groups.

That would indeed be a good explanation. I'm using Spamassassin, not going over to rspamd soon, so maybe there will be some kind of fix too. Until now it's quiet since I've blocked the originating domains which are abusing google for their spam.

But those are easy to block. I think it's whitespread and a lot of us will soon encounter these.

Yes exactly that is what I was wondering about too, hence my question how that is possible. The only thing I can think of is that the abused address is making use of external mailserver from Google and/or has forwards to Google groups or MS mail addresses.

Oke so then it's just check which domains are non-google and non-microsoft and block these, because I don't only had the ones mentioned here but a lot more. I presume those (hacked) accounts then make use of Gmail or Microsoft since the customer gets them from on of those and not directly from...

It's not only firebaseapp, but the most spam started coming them. :)

I doubt it or it must be a lot of mailboxes, because we got 16 different of these messages today. The one from sh4y.de is just an example. As you could se we also got loads from firebaseapp.com until I blocked those and a spoofed other mail address, but almost every mail is coming form a...

The above are header results from spamcop, this is an original header from the last message. Seeing the email content (not displayed) it looks like a bounce message coming back and somehow to us while we are not originating. Received: by 2002:a05:6000:1846:b0:439:c2a3:a2e9 with SMTP id...

I think we need another method. Seems that spammers found another spam method. They send mail from some domain, then reroute it via Gmail to send it to our servers. We got another example of this: Received: by 2002:a05:6000:1846:b0:439:c2a3:a2e9 with SMTP id...

Thank you!

Nothing wrong. It's in your list of things which require a DA license. I think my question was very clear. In other words, why should blockcracking stop working without DA license? I'm no scripter so maybe it's something in one of the files, hence the question.

Not there indeed, but I thought you were talking about the /var/log/httpd and /var/log/httpd/domains logs. But are they still generated in the /home/user when DA is not running anymore? If yes, they can be put manually in the logrotate.d section. What about blockcracking?

The apache (webserver) log rotation is done via normal logrotate. The file for that is /etc/logrotate.d/apache so DA is not required for that if I'm correct. Blockcracking is called from within exim.conf. So existing configs should also still work right?

I've seen this with a friend of mine, who due to some error his license got expired. But also messages from DA itself stating services won't stop. You could also send them a mail or contact form, they won't bite. :) Doublecheck the cronjobs that they are present in the OS so the OS will trigger...