Results 1 to 5 of 5

Thread: Prevent outgoing mail from hosting users

  1. #1
    Join Date
    Feb 2019
    Posts
    2

    Prevent outgoing mail from hosting users

    Hello,

    We have deployed a few directadmin instances. Some servers get constantly hacked due to some buggy website or malware on a computer that sends out spam using the hosting server. What are best practices to prevent outgoing SPAM? What kind of configuration should we be looking at? Any whitepapers on the matter?

    Any suggestions are welcomed!

  2. #2
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    12,829
    Hello,

    1. Limit a number of outgoing emails per user/email,
    2. enable BlockCracking,
    3. close outgoing to SMTP ports on per UID bases and allow connections only from root, mail.
    4. Forward outgoing emails through a $5 VPS with SpamAssassin or other free software to scan and block outgoing spam.

    Help articles:

    - How to limit the number of emails sent by each user (prevent spammer)
    https://help.directadmin.com/item.php?id=81

    - My server is sending spam. What do I do?
    https://help.directadmin.com/item.php?id=455

    - SPAM fighting tools in DirectAdmin
    https://help.directadmin.com/item.php?id=577

    - I need exim to send all outbound email through a remote mail server
    https://help.directadmin.com/item.php?id=153
    Alex Grebenschikov

    - You can hire me on www.poralix.com to work on your server
    - Follow and like @Poralix on Facebook

  3. #3
    Join Date
    Feb 2019
    Posts
    2
    Any VPS suggestions? Can outgoing scanning be done on directadmin?

  4. #4
    Join Date
    Apr 2007
    Posts
    245
    Quote Originally Posted by zEitEr View Post
    Hello,

    1. Limit a number of outgoing emails per user/email,

    https://help.directadmin.com/item.php?id=153
    This solution is wrong implemented in DirectAdmin in my opinion. Because if you use "0" it disables the limitation of sending mails, making 1 the lowest possible value, meaning you can send a single spam mail every month.

    NULL should be disabled.
    A value should be a limitation.

  5. #5
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    12,829
    By default Directadmin does not configure SpamAssassin to scan outgoing emails. You might try it of course if you want.

    As for a VPS, you can buy it from any provider you trust. I'd offer DigitalOcean (I'm their client for about 4-5 years), you can get $100 USD in credit over 60 days from them using my referral link: http://go.poralix.com/s/digitalocean https://m.do.co/c/42689ac42d5c

    Use a direct link: https://www.digitalocean.com/ if you want it.
    Last edited by zEitEr; 02-04-2019 at 09:34 AM.
    Alex Grebenschikov

    - You can hire me on www.poralix.com to work on your server
    - Follow and like @Poralix on Facebook

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •