Stop the naughty people

unixguru

unixguru

Verified User
Joined
Mar 6, 2010
Messages
71
Location
Four Marks, Alton, Hampshire
Hi,

I would like to stop exim from send from any address other than those defined at email addresses on the server.

I get a few naughty users sign up and dump spam until I find them.

Their outgoing addresses aere <random>@<server_name> which is giving us a bad rep.

I would rather have a bad rep in the eyes of these spammy so and sos, so they don't sign up and come back.#

If I can limit the outgoing mail to defined email accounts, I know who it's from and I can catch them faster, their domains gets blacklisted etc.etc.

This is probably quite simple, but I can't find out how to do it anywhere!
 
You can set a sent email limit in Directadmin per user, take a look at it, easy to find.
 
Yeah I know this, but I don't really want to do that.

say i have an domains bloggs.com

I have two email accounts configured for bloggs.com, fred and jo.

How can I stop the server sending from domains not hosted on it, or from [email protected]

How can I restrict outgoing mail only to addresses which can be delivered to internally?

If I can do this, I will know who is spamming without effort, infact spoofing would be impossible.
 
Sorry it's been such a long time for me to reply back.

Most of this was caused by inexperienced users setting up wordpress, drupal, joomla set with "non existant" email addresses at their own domains, and not puting any capcha's on the signup page, so non-existant email addresses were mailing fake signup addresses, which bounced back to non-existant addresses etc.
I would have noticed if I spent a little more time investigating, so appologies about that.

I also had Jeff from nobaloney install the latest spam-block on my three "public" servers, and I must say that it works well
Thankyou Jeff!

After the upgrade to spam-blocker, I was able to fully see where the rest of the mail was coming from.

It appears that these same inexperienced users have had people upload malware into their wordpress etc.

So a little scan with clamav and maldet, cleared those up and an installation of mod_security's virus scan and maldet scan, and quick mod_clamav patch for proftpd has stopped the problems coming back!

So thanks again to Jason, who's worthwhile product really lead me to the solution.
My servers are no longer blacklisted, and the load is significantly lower.
A switch from suphp to mod_ruid2 (from another thread) thanks again forum!!! and the load is at a all time low!!!

I've built all of this tech into my directadmin VPS templates so I should not have this problem again!
 
Last edited by a moderator:
I'm not Jason, I'm Jeff. I hope you don't mind that I've corrected your post.

Jeff
 
You must log in or register to reply here.
Back
Top