All Questions
76
questions
1
vote
2
answers
283
views
How to block spoofed mail from *.host.com
I'm currently running a centOS server with directadmin and custombuild.
I keep getting spoofed phishing mails with spoofed from addresses that have SPF setup properly.
Spamassassin gives it a score 1....
- 131
0
votes
0
answers
259
views
E-mail servers keep being blacklisted by Spamhaus
We are running a (webbased) application that is being used by many companies. This application generates large volumes of e-mail, almost all of them have a PDF attachment. These are e-mails the users ...
- 113
2
votes
0
answers
101
views
Exim: Redirect mails without spooling
I am running a personal mail server using exim that only forwards mails (and also runs a few mailman mailing lists).
Unfortunately, my server’s spam protection is worse than that of the mail provider ...
- 4,049
0
votes
1
answer
355
views
Lots of exim4 notifcations due to failed sender verification
My exim4 server rejects a lot of spam emails due to failed sender verification. However, those result in lots of frozen messages, which in turn spam my postmaster inbox. Example line from exim log:
...
- 163
2
votes
2
answers
4k
views
exim - Tainted filename for search - sender verify defer for failed to expand
discovered today this mailserver problem, and because have not written exim myself, can't debug it X-D
also: is this normal?
host zen.spamhaus.org
ping zen.spamhaus.org
ping: zen.spamhaus.org: No ...
- 67
0
votes
1
answer
178
views
Debian 10.4 / Exim 4.92 add incremental delay to the unsuccessful login attempt answer
Browsed over all the internet, but cannot find an answer. Is there any acl or something that I could apply to unsuccessful login attempt to add delay to it? As probably anyone running mx, I have a lot ...
- 155
0
votes
3
answers
835
views
Is mail rejected by Exim's !verify = header_syntax ACL item, with RFC 2047-encoded From/To headers, legitimate?
A recent Exim upgrade added this to the default acl_smtp_data ACL:
.ifndef NO_CHECK_DATA_VERIFY_HEADER_SYNTAX
deny
!acl = acl_local_deny_exceptions
!verify = header_syntax
message = header ...
- 367
0
votes
1
answer
610
views
Find exim account sending lots of emails. (Spamming)
I have an Exim server with several domains configured. In each domain I have several email accounts. From time to time a computer configured with one of this emails gets infected and starts sending ...
- 101
0
votes
1
answer
742
views
Gmail rejects messages from new exim4 setup
I have problem with delivering mails to GMail from a new server setup with configured exim4.
Messages sometime passed to gmail spam folder. But sometimes it rejects immediatelly. I have attached a ...
0
votes
1
answer
5k
views
EXIM SMTP allows to send mails without login / authentication via telnet to any domain
I'm ashamed, but I have to ask for help. My server is being used for sending spam, I've found out I can simply connect with telnet (edit: from any server in office, home and even directly from CMD/...
- 1
0
votes
1
answer
1k
views
How to pevent unwanted SMTP connections EXIM
I have a VPS configured to use PHP to send out periodical alerts via email (sendmail) where I connect via SMTP to a google apps email account. The server is using EXIM as the transfer agent.
In the ...
- 105
1
vote
3
answers
572
views
Why do Hotmail & Gmail mark all emails as spam for no clear reason?
Been testing for DKIM, SPF, DMRC and all of them are valid. Proven over several online tools.
mail-tester.com gave 8.8 points.
Server is not blacklisted anywhere, so far I checked.
But no matter ...
- 75
0
votes
2
answers
8k
views
spamassassin has false-positives with emails originating from dialup addresses
I'm mostly a happy admin of spamassassin (3.4.0-6) + exim4 (4.84.2), setup for server-side spam-filtering on a Debian/jessie system.
Recently a user reported some false positives.
On closer ...
- 519
1
vote
1
answer
815
views
SpamAssassin scores are oddly low + different from manual analysis, causing nearly all spam to go through
I'm having issues with SpamAssassin; it's assigning emails scores that are way lower than it should. In addition, the scores it's assigning as emails come in are different from the results of running ...
- 111
1
vote
1
answer
2k
views
exim rewrite Subject line if Reply-To domain does not match From domain
I would like to rewrite the subject line of all emails that contain a Reply-To: line with an email address in a different domain than the From: line. The reason for this is that I frequently get fraud ...
- 1,346
0
votes
0
answers
463
views
How can I prevent Exim from sending bounces when it receives permanent errors from a specific server?
I've got an Exim server that I'm trying to evaluate a commercial spam filtering product with. The relevant setup:
Exim acts as edge mail server.
Mail received by the mail server is relayed to the ...
- 51
0
votes
1
answer
693
views
phpmailer/exim4 to outlook.com mail arrive to junk directory
I would like to send a simple, email address change confirmation email with php and exim4.
I tested my mail with lot of free email provider and everywhere arrived my email well except outlook.com.
In ...
- 11
0
votes
0
answers
913
views
Identify process that was running Exim from one email account
I have a server which is barely 4 months old and already a process is running to "spam" people. this is baffling as I have a secure password and have never given it to anyone. I am taking the ...
- 286
0
votes
3
answers
270
views
Exim listed in htop, but not installed - server sending spam
So, I have a Ubuntu 12.04 server on Amazon. It recently started sending spam emails. When I do htop to see the proceess list, I can see the exim process there, but it's NOT installed! We're using ...
- 3
1
vote
1
answer
540
views
Email tagged as SPAM
I'm making a mail-list with Mailman on Ubuntu Server.
The main domain of my server is DOMAIN1.FR, but my mail-list is [email protected].
I think I've made all things to do but my emails are tagged as ...
- 11
0
votes
1
answer
489
views
Exim server maillog are flood by spam attemps? [closed]
My log is flooded with those spam attemps and I wonder if there is a ACL can stop those attemps.
maillog (this is just a sample, my log will be over a 1000 line in an hour)
2016-07-09 22:00:32 [...
- 185
1
vote
0
answers
122
views
Exim restrict send emails only from predefined list of emails
I use Exim MTA. I need to restrict hosting (lamp) send emails only from predefined list "From:" emails per user to prevent massive spam if website was hacked.
Users use php to send emails via builtin ...
- 11
3
votes
2
answers
1k
views
Understanding exim4 outgoing message logs. Am I a spammer?
Today I got many spammy emails into my mailbox, I looked in exim4 logs and I found some suspected activities.
I would like to understand the serverity of this attack, if I got spammy mail I can ...
- 1,344
0
votes
1
answer
3k
views
Reject emails from specific address on exim
i have a spammer that is driving me crazy.
What i want to do is reject his emails altogether so he receives an instant message saying "message rejected" or similar.
Can exim do this? How?
Note: This ...
0
votes
1
answer
486
views
trying to locate process on server which is sending spam email [duplicate]
I have a CentOS server running Exim, with a standard LAMP stack installed. The problem is that there is a process that is sending out unsolicited emails, AND I do not know how to locate the process. ...
- 286
0
votes
2
answers
175
views
How do IPs end up on the spam blacklists [duplicate]
I don't know if this is the right place to ask this kind of question but here goes.
I have 3 IPs on my server, which I'm running for shared hosting. The main shared IP gets blacklisted sometimes, ...
- 341
1
vote
3
answers
1k
views
How can I find out which script/program/user invokes exim (and is sending spam)?
The problem
A client of mine asked me to take a look at his shared-hosting webserver for the following problem, but I'm stuck at finding out what's wrong. His server is being blacklisted by a lot of ...
- 163
0
votes
0
answers
19
views
How to find source of spamming knowing the spam mail header? [duplicate]
Context:
I have a Dedicated Server hosted on Digital Ocean, called as "Droplet" and then, on it i have installed CentOS 6, and my mailing server is using EXIM.
Problem:
I am having spam ...
0
votes
1
answer
952
views
Server is blacklisted on Cloudmark but EXIM logs showing no evidence of outgoing spam
My server is getting the following warning when sending email
SMTP error from remote mail server after initial connection: 554 p3plibsmtp01-04.prod.phx3.secureserver.net bizsmtp IB103. Connection ...
3
votes
4
answers
3k
views
How to find spam email sending script on server
For last 3 months i am getting email from my hosting providers that my server is sending spam emails and today i did research on it and found that it is actually doing. I used exim to check out the ...
- 135
1
vote
1
answer
752
views
exim: How to reject spam mail depending on destination domain
Currently, I have exim set up to mark spam mail, and reject spam mail with high scores, using these ACL instructions in the acl_smtp_data ACL:
warn condition = ${if <{$message_size}{500000}{1}{...
- 4,049
0
votes
0
answers
660
views
exim queue notification if a domain is sending more than x number of emails
I am running Exim as an MTA. I have also implemented a Per hour Per domain email Limit. Still I see that my IP reputation goes bad if a spammer sends more than x amount of emails in 24 hours or so.
I ...
- 181
2
votes
1
answer
105
views
Can mailman/exim reject nonmember postings at connection time?
I am using Mailman with Exim. When a nonmember posts to a mailing list, Mailman can be configured in any of the following ways, each of which has a problem:
Accept it -- this distributes spam to all ...
- 121
6
votes
2
answers
4k
views
Automatically rescan email with SpamAssassin after it has been received
For the past months, the amount of spam I've been receiving has been driving me crazy. Despite running SpamAssassin (with RBL checks) on my Exim4 mailserver, a lot of it has been finding its way to ...
- 201
0
votes
1
answer
129
views
Blocking spam with SpamAssassin [duplicate]
I have a server that runs websites and exim for e-mail. I've added countless RBLs including barracuda to try and cut back on incoming spam. However, they still keep coming in. The clients use ...
- 3,941
-2
votes
1
answer
73
views
Individual accounts being spammed on server, even though DNS not hosted [closed]
Disclaimer: Please pardon the newbery!
I've got a dedicated linux server from HostGator that has around 100 accounts on it. Lately, dozens of these accounts get bombarded with junk mail a few times a ...
- 1
0
votes
2
answers
729
views
Make exim accept mails to be redirected only when they can be sent
I run a small mail server with all the usual functionality: Sending of local mail, receiving mail for local folders, redirecting mail according to alias and a mailing lists.
The redirections go to ...
- 4,049
0
votes
1
answer
326
views
moving emails on cPanel or plesk to specific folder based on tag [closed]
I have hosting servers with cPanel and Plesk, which have more than 1000 customers. I want that when any email is marked as spam, then it should be moved automatically to JUNK folder, instead of ...
- 4,319
0
votes
1
answer
9k
views
How to stop server sending spam out. Centos server with exim [duplicate]
I'm looking at a server that appears to have been compromised via a bug in a wordpress plugin and is now sending spam out.
This post seems to give a very good report of exactly what I'm seeing.
...
- 119
0
votes
1
answer
111
views
Lot spam from unknown source
Here is the email header and info that I got from aol abuse. This type of emails are being generated from my server randomly at a very low rate and IP is blacklisted very freuqently. After 2 weeks of ...
- 4,319
0
votes
2
answers
255
views
Tracing down spam
How can I find the source of out going spam on a linux server?
tail -f /var/log/exim_mainlog
2014-10-24 15:02:37 [28750] 1Xhl4A-0007Te-9C Completed QT=7s
2014-10-24 15:02:37 [28746] SMTP ...
- 3,941
0
votes
1
answer
1k
views
SpamAssassin filtering by Exim 4 with virtual user preferences
I would like to configure spam filtering with exim's built-in spam filter support in acl_check_data config section.
The piping, exim header modification (to store result) works well. As well as ...
- 9
0
votes
1
answer
90
views
How to findout where spam is coming from with EXIM?
I've tracked down the user which was sending out spam but I am wondering how can I determine where the script is that is doing it?
I ran a scan looking for the mail() function but found nothing. ...
user238343
0
votes
1
answer
1k
views
Server hacked and used for sending spam [duplicate]
Hi I have CentOS server which running mail server. Last 2 days server started to send spam. After doing some research I couldn't solve the issue.
Here is portion of statistics from Exim and the ...
- 109
0
votes
1
answer
480
views
E-mail always send to spam folder [duplicate]
I have an VPS that has a pre-installed DirectAdmin and exim mailservice. But i've got a complainment from my client.
When he tries and send an e-mail from his account to someone it gets flagged as ...
- 1
2
votes
2
answers
972
views
exim4 reveals a mail alias when remote server rejects spam
I'm running exim4 (4.76) on Ubuntu 12.0.4.4.
exim4 is set up to handle mail for mydomain.com. I have aliases set up that forward [email protected] to [email protected]. I have SpamAssassin set up to work in ...
- 123
1
vote
0
answers
795
views
Spamassassin && Exim: redirect spam emails
I want to redirect all email, being marked as SPAM to special mailbox.
Works with Exim4, SpamAssassin Server version 3.3.1 on CentOS 6.5.
Rules from Exim in acl_check_data block:
warn message = ...
- 334
11
votes
2
answers
794
views
How can I reduce the damage of stolen mail accounts?
Currently I’m offering some webhosting to a few advertising agencies for their premium customers. But currently I have a great problem with the E-Mail Service. In the last week, the E-Mail Accounts of ...
- 221
0
votes
1
answer
1k
views
How to find out where mystery SPAM scripts are coming from? [duplicate]
I am the datacenter manager at a small ISP and we have been having an issue with mystery scripts sending out SPAM on our server. These PHP scripts will appear mysteriously in /tmp as well as sometimes ...
- 103
2
votes
1
answer
6k
views
Filter spam emails from being forwarded by exim4
I was studying and searching 2 days about how to configure my exim/spamassassin/clamd configuration.
I have the next situation:
I have an email [email protected] redirected to [email protected].
Unfortunately, ...
- 49