Skip to main content

All Questions

Tagged with
Filter by
Sorted by
Tagged with
1 vote
2 answers
283 views

How to block spoofed mail from *.host.com

I'm currently running a centOS server with directadmin and custombuild. I keep getting spoofed phishing mails with spoofed from addresses that have SPF setup properly. Spamassassin gives it a score 1....
user3411864's user avatar
0 votes
0 answers
259 views

E-mail servers keep being blacklisted by Spamhaus

We are running a (webbased) application that is being used by many companies. This application generates large volumes of e-mail, almost all of them have a PDF attachment. These are e-mails the users ...
Frank's user avatar
  • 113
2 votes
0 answers
101 views

Exim: Redirect mails without spooling

I am running a personal mail server using exim that only forwards mails (and also runs a few mailman mailing lists). Unfortunately, my server’s spam protection is worse than that of the mail provider ...
Joachim Breitner's user avatar
0 votes
1 answer
355 views

Lots of exim4 notifcations due to failed sender verification

My exim4 server rejects a lot of spam emails due to failed sender verification. However, those result in lots of frozen messages, which in turn spam my postmaster inbox. Example line from exim log: ...
Arne's user avatar
  • 163
2 votes
2 answers
4k views

exim - Tainted filename for search - sender verify defer for failed to expand

discovered today this mailserver problem, and because have not written exim myself, can't debug it X-D also: is this normal? host zen.spamhaus.org ping zen.spamhaus.org ping: zen.spamhaus.org: No ...
user13226980's user avatar
0 votes
1 answer
178 views

Debian 10.4 / Exim 4.92 add incremental delay to the unsuccessful login attempt answer

Browsed over all the internet, but cannot find an answer. Is there any acl or something that I could apply to unsuccessful login attempt to add delay to it? As probably anyone running mx, I have a lot ...
BUKTOP's user avatar
  • 155
0 votes
3 answers
835 views

Is mail rejected by Exim's !verify = header_syntax ACL item, with RFC 2047-encoded From/To headers, legitimate?

A recent Exim upgrade added this to the default acl_smtp_data ACL: .ifndef NO_CHECK_DATA_VERIFY_HEADER_SYNTAX deny !acl = acl_local_deny_exceptions !verify = header_syntax message = header ...
Sam Morris's user avatar
0 votes
1 answer
610 views

Find exim account sending lots of emails. (Spamming)

I have an Exim server with several domains configured. In each domain I have several email accounts. From time to time a computer configured with one of this emails gets infected and starts sending ...
FedeKrum's user avatar
  • 101
0 votes
1 answer
742 views

Gmail rejects messages from new exim4 setup

I have problem with delivering mails to GMail from a new server setup with configured exim4. Messages sometime passed to gmail spam folder. But sometimes it rejects immediatelly. I have attached a ...
Ayanami.dev's user avatar
0 votes
1 answer
5k views

EXIM SMTP allows to send mails without login / authentication via telnet to any domain

I'm ashamed, but I have to ask for help. My server is being used for sending spam, I've found out I can simply connect with telnet (edit: from any server in office, home and even directly from CMD/...
Mateusz's user avatar
0 votes
1 answer
1k views

How to pevent unwanted SMTP connections EXIM

I have a VPS configured to use PHP to send out periodical alerts via email (sendmail) where I connect via SMTP to a google apps email account. The server is using EXIM as the transfer agent. In the ...
skribe's user avatar
  • 105
1 vote
3 answers
572 views

Why do Hotmail & Gmail mark all emails as spam for no clear reason?

Been testing for DKIM, SPF, DMRC and all of them are valid. Proven over several online tools. mail-tester.com gave 8.8 points. Server is not blacklisted anywhere, so far I checked. But no matter ...
Dan Jay's user avatar
  • 75
0 votes
2 answers
8k views

spamassassin has false-positives with emails originating from dialup addresses

I'm mostly a happy admin of spamassassin (3.4.0-6) + exim4 (4.84.2), setup for server-side spam-filtering on a Debian/jessie system. Recently a user reported some false positives. On closer ...
umläute's user avatar
  • 519
1 vote
1 answer
815 views

SpamAssassin scores are oddly low + different from manual analysis, causing nearly all spam to go through

I'm having issues with SpamAssassin; it's assigning emails scores that are way lower than it should. In addition, the scores it's assigning as emails come in are different from the results of running ...
W Biggs's user avatar
  • 111
1 vote
1 answer
2k views

exim rewrite Subject line if Reply-To domain does not match From domain

I would like to rewrite the subject line of all emails that contain a Reply-To: line with an email address in a different domain than the From: line. The reason for this is that I frequently get fraud ...
nn4l's user avatar
  • 1,346
0 votes
0 answers
463 views

How can I prevent Exim from sending bounces when it receives permanent errors from a specific server?

I've got an Exim server that I'm trying to evaluate a commercial spam filtering product with. The relevant setup: Exim acts as edge mail server. Mail received by the mail server is relayed to the ...
grog_7's user avatar
  • 51
0 votes
1 answer
693 views

phpmailer/exim4 to outlook.com mail arrive to junk directory

I would like to send a simple, email address change confirmation email with php and exim4. I tested my mail with lot of free email provider and everywhere arrived my email well except outlook.com. In ...
melka's user avatar
  • 11
0 votes
0 answers
913 views

Identify process that was running Exim from one email account

I have a server which is barely 4 months old and already a process is running to "spam" people. this is baffling as I have a secure password and have never given it to anyone. I am taking the ...
Oliver Williams's user avatar
0 votes
3 answers
270 views

Exim listed in htop, but not installed - server sending spam

So, I have a Ubuntu 12.04 server on Amazon. It recently started sending spam emails. When I do htop to see the proceess list, I can see the exim process there, but it's NOT installed! We're using ...
Robert's user avatar
  • 3
1 vote
1 answer
540 views

Email tagged as SPAM

I'm making a mail-list with Mailman on Ubuntu Server. The main domain of my server is DOMAIN1.FR, but my mail-list is [email protected]. I think I've made all things to do but my emails are tagged as ...
Valentin A's user avatar
0 votes
1 answer
489 views

Exim server maillog are flood by spam attemps? [closed]

My log is flooded with those spam attemps and I wonder if there is a ACL can stop those attemps. maillog (this is just a sample, my log will be over a 1000 line in an hour) 2016-07-09 22:00:32 [...
G7fya's user avatar
  • 185
1 vote
0 answers
122 views

Exim restrict send emails only from predefined list of emails

I use Exim MTA. I need to restrict hosting (lamp) send emails only from predefined list "From:" emails per user to prevent massive spam if website was hacked. Users use php to send emails via builtin ...
Jstars's user avatar
  • 11
3 votes
2 answers
1k views

Understanding exim4 outgoing message logs. Am I a spammer?

Today I got many spammy emails into my mailbox, I looked in exim4 logs and I found some suspected activities. I would like to understand the serverity of this attack, if I got spammy mail I can ...
Tobia's user avatar
  • 1,344
0 votes
1 answer
3k views

Reject emails from specific address on exim

i have a spammer that is driving me crazy. What i want to do is reject his emails altogether so he receives an instant message saying "message rejected" or similar. Can exim do this? How? Note: This ...
Michael Rogers's user avatar
0 votes
1 answer
486 views

trying to locate process on server which is sending spam email [duplicate]

I have a CentOS server running Exim, with a standard LAMP stack installed. The problem is that there is a process that is sending out unsolicited emails, AND I do not know how to locate the process. ...
Oliver Williams's user avatar
0 votes
2 answers
175 views

How do IPs end up on the spam blacklists [duplicate]

I don't know if this is the right place to ask this kind of question but here goes. I have 3 IPs on my server, which I'm running for shared hosting. The main shared IP gets blacklisted sometimes, ...
AL-Kateb's user avatar
  • 341
1 vote
3 answers
1k views

How can I find out which script/program/user invokes exim (and is sending spam)?

The problem A client of mine asked me to take a look at his shared-hosting webserver for the following problem, but I'm stuck at finding out what's wrong. His server is being blacklisted by a lot of ...
BlueCola's user avatar
  • 163
0 votes
0 answers
19 views

How to find source of spamming knowing the spam mail header? [duplicate]

Context: I have a Dedicated Server hosted on Digital Ocean, called as "Droplet" and then, on it i have installed CentOS 6, and my mailing server is using EXIM. Problem: I am having spam ...
Paulo Roberto Rosa's user avatar
0 votes
1 answer
952 views

Server is blacklisted on Cloudmark but EXIM logs showing no evidence of outgoing spam

My server is getting the following warning when sending email SMTP error from remote mail server after initial connection: 554 p3plibsmtp01-04.prod.phx3.secureserver.net bizsmtp IB103. Connection ...
Paul Mall's user avatar
3 votes
4 answers
3k views

How to find spam email sending script on server

For last 3 months i am getting email from my hosting providers that my server is sending spam emails and today i did research on it and found that it is actually doing. I used exim to check out the ...
Kinshuk Lahiri's user avatar
1 vote
1 answer
752 views

exim: How to reject spam mail depending on destination domain

Currently, I have exim set up to mark spam mail, and reject spam mail with high scores, using these ACL instructions in the acl_smtp_data ACL: warn condition = ${if <{$message_size}{500000}{1}{...
Joachim Breitner's user avatar
0 votes
0 answers
660 views

exim queue notification if a domain is sending more than x number of emails

I am running Exim as an MTA. I have also implemented a Per hour Per domain email Limit. Still I see that my IP reputation goes bad if a spammer sends more than x amount of emails in 24 hours or so. I ...
Waqas Khan's user avatar
2 votes
1 answer
105 views

Can mailman/exim reject nonmember postings at connection time?

I am using Mailman with Exim. When a nonmember posts to a mailing list, Mailman can be configured in any of the following ways, each of which has a problem: Accept it -- this distributes spam to all ...
Mike Shulman's user avatar
6 votes
2 answers
4k views

Automatically rescan email with SpamAssassin after it has been received

For the past months, the amount of spam I've been receiving has been driving me crazy. Despite running SpamAssassin (with RBL checks) on my Exim4 mailserver, a lot of it has been finding its way to ...
Thorarin's user avatar
  • 201
0 votes
1 answer
129 views

Blocking spam with SpamAssassin [duplicate]

I have a server that runs websites and exim for e-mail. I've added countless RBLs including barracuda to try and cut back on incoming spam. However, they still keep coming in. The clients use ...
Jason's user avatar
  • 3,941
-2 votes
1 answer
73 views

Individual accounts being spammed on server, even though DNS not hosted [closed]

Disclaimer: Please pardon the newbery! I've got a dedicated linux server from HostGator that has around 100 accounts on it. Lately, dozens of these accounts get bombarded with junk mail a few times a ...
Curtis's user avatar
  • 1
0 votes
2 answers
729 views

Make exim accept mails to be redirected only when they can be sent

I run a small mail server with all the usual functionality: Sending of local mail, receiving mail for local folders, redirecting mail according to alias and a mailing lists. The redirections go to ...
Joachim Breitner's user avatar
0 votes
1 answer
326 views

moving emails on cPanel or plesk to specific folder based on tag [closed]

I have hosting servers with cPanel and Plesk, which have more than 1000 customers. I want that when any email is marked as spam, then it should be moved automatically to JUNK folder, instead of ...
Farhan's user avatar
  • 4,319
0 votes
1 answer
9k views

How to stop server sending spam out. Centos server with exim [duplicate]

I'm looking at a server that appears to have been compromised via a bug in a wordpress plugin and is now sending spam out. This post seems to give a very good report of exactly what I'm seeing. ...
jeff porter's user avatar
0 votes
1 answer
111 views

Lot spam from unknown source

Here is the email header and info that I got from aol abuse. This type of emails are being generated from my server randomly at a very low rate and IP is blacklisted very freuqently. After 2 weeks of ...
Farhan's user avatar
  • 4,319
0 votes
2 answers
255 views

Tracing down spam

How can I find the source of out going spam on a linux server? tail -f /var/log/exim_mainlog 2014-10-24 15:02:37 [28750] 1Xhl4A-0007Te-9C Completed QT=7s 2014-10-24 15:02:37 [28746] SMTP ...
Jason's user avatar
  • 3,941
0 votes
1 answer
1k views

SpamAssassin filtering by Exim 4 with virtual user preferences

I would like to configure spam filtering with exim's built-in spam filter support in acl_check_data config section. The piping, exim header modification (to store result) works well. As well as ...
GT.'s user avatar
  • 9
0 votes
1 answer
90 views

How to findout where spam is coming from with EXIM?

I've tracked down the user which was sending out spam but I am wondering how can I determine where the script is that is doing it? I ran a scan looking for the mail() function but found nothing. ...
user avatar
0 votes
1 answer
1k views

Server hacked and used for sending spam [duplicate]

Hi I have CentOS server which running mail server. Last 2 days server started to send spam. After doing some research I couldn't solve the issue. Here is portion of statistics from Exim and the ...
simon's user avatar
  • 109
0 votes
1 answer
480 views

E-mail always send to spam folder [duplicate]

I have an VPS that has a pre-installed DirectAdmin and exim mailservice. But i've got a complainment from my client. When he tries and send an e-mail from his account to someone it gets flagged as ...
Rickerd's user avatar
2 votes
2 answers
972 views

exim4 reveals a mail alias when remote server rejects spam

I'm running exim4 (4.76) on Ubuntu 12.0.4.4. exim4 is set up to handle mail for mydomain.com. I have aliases set up that forward [email protected] to [email protected]. I have SpamAssassin set up to work in ...
augusto callejas's user avatar
1 vote
0 answers
795 views

Spamassassin && Exim: redirect spam emails

I want to redirect all email, being marked as SPAM to special mailbox. Works with Exim4, SpamAssassin Server version 3.3.1 on CentOS 6.5. Rules from Exim in acl_check_data block: warn message = ...
setevoy's user avatar
  • 334
11 votes
2 answers
794 views

How can I reduce the damage of stolen mail accounts?

Currently I’m offering some webhosting to a few advertising agencies for their premium customers. But currently I have a great problem with the E-Mail Service. In the last week, the E-Mail Accounts of ...
user39063's user avatar
  • 221
0 votes
1 answer
1k views

How to find out where mystery SPAM scripts are coming from? [duplicate]

I am the datacenter manager at a small ISP and we have been having an issue with mystery scripts sending out SPAM on our server. These PHP scripts will appear mysteriously in /tmp as well as sometimes ...
Riley's user avatar
  • 103
2 votes
1 answer
6k views

Filter spam emails from being forwarded by exim4

I was studying and searching 2 days about how to configure my exim/spamassassin/clamd configuration. I have the next situation: I have an email [email protected] redirected to [email protected]. Unfortunately, ...
demlasjr's user avatar