Skip to main content

All Questions

Tagged with
Filter by
Sorted by
Tagged with
0 votes
1 answer
80 views

postfix bounce_queue_lifetime and maximal_queue_lifetime

i have done a lot of research but still cannot clearly understand what is the difference between postfix bounce_queue_lifetime and maximal_queue_lifetime in main.cf. Although I've read a lot of ...
iamaduwb's user avatar
25 votes
5 answers
8k views

Does DKIM alone not solve the spam issue? Why do I need SPF?

FINAL EDIT : I was completely wrong about DKIM it seems, the signing domain does not have to be the same as the sender domain, thus the whole premise for my question is flawed. A lot of thanks to Paul ...
cornergraf's user avatar
-1 votes
1 answer
62 views

How is it possible for spammers to keep pestering me with FAKE domains when all e-mail sending providers have these insane obstacles to go through?

I keep getting e-mails to my Gmail account from made-up domains such as: @mtixusu9shbyusyr6.org.uk @mpqyriexqpvramtkn.org.uk And so on... (Yes, I checked some of them and they are not actually ...
L. Marron's user avatar
1 vote
0 answers
2k views

Linux history filled with priv_escl_start and _end after security changes

We are going through a process to make our linux servers more secure following a scan. I notice that on some of the machines, we now have lines like: LANG=C; printf "priv_escl_start_%s" "[random 8 ...
Johnny Doe's user avatar
0 votes
0 answers
40 views

What email headers are useful for determining if my email account has been compromised?

I've recently received a lot of spam replies (automated replies from users, and rejections from mail servers) to a certain email address. I've taken the obvious precautions of changing passwords, and ...
Wilco's user avatar
  • 365
-2 votes
1 answer
130 views

When is an email rejected by the receiving server? [duplicate]

Currently, I am working on a web application and wanted to create a web form to let users write emails through it. So, they would have to set their email address and the message and after clicking "...
Aliquis's user avatar
  • 97
0 votes
0 answers
278 views

Identifying suspicious outgoing SMTP connections (a.k.a. spam) after CBL listing

The IP of my email server has been listed on Spamhaus CBL, which states that the server "attempted to send email without using the HELO/EHLO command", "[which] is generally indicative of a broken ...
Skippy le Grand Gourou's user avatar
-1 votes
1 answer
638 views

how block this spam bot using htaccess?

I have this spam bot showing in google analytics (screen capture). I tried blocking it using this htaccess configuration RewriteCond %{HTTP:Accept-Language} (Trump) [NC] RewriteRule .* www.google....
hunter99's user avatar
  • 101
1 vote
0 answers
61 views

How can I know how an email account was breached? [duplicate]

it seems that a spammer cracked an email account and all my SMTP relays were consumed. My server is a VPS CentOS. I have taken every prevention method I have found on the CPanel documentation and ...
Muaya's user avatar
  • 27
1 vote
0 answers
34 views

How I can look from that script runs sendmail? [duplicate]

my problem is that some script in php or some other script or program is sending spam. I am not able to trace where this program runs. do the following: ps aux | grep sendmail nginx 28286 0.0 ...
laur's user avatar
  • 127
2 votes
2 answers
3k views

Apache access log full of unauthorized and suspicious requests, how to take action

I have setup a small tiny VPS for my own website. Since it was live, I see many suspicious activity in the access.log file. When I was on a shared hosting I did not have access to this file and ...
Dumbo's user avatar
  • 115
1 vote
1 answer
534 views

nginx spam 404 errors

My server is spammed by multiples XXX domains, there is a lot of 404 errors in my logs and i can't find the solution to stop that. 2015/07/31 09:13:20 [error] 7070#0: *610 open() "/var/www/domain/...
Benjamin B.'s user avatar
0 votes
1 answer
1k views

Block an http referrer on the server level

I am seeing multiple fake http referrers to several sites on my server, which for the most part doesn't bother me, except that they distort visitor stats. I have filtered the questionable domains out ...
Matthew S's user avatar
  • 209
2 votes
2 answers
699 views

My site is suddenly getting slammed, not legitimate traffic

I run a site with about 700 registered users. On a typical day, there are 30-50 hits. In the last three days, the traffic has increased insanely fast (according to Google Analytics). I got 7,287 hits ...
371273's user avatar
  • 125
0 votes
1 answer
2k views

Getting lots of traffic from russia to an unpublished site

I am currently building a website. Currently nobody knows about it but it is already reachable for testing purposes. Now I saw, that I get a lot of traffic from russia (Its a german website hosted on ...
jan's user avatar
  • 129
0 votes
1 answer
452 views

Apache2 Mod_spamhaus Whitelist

We are using Apache2 mod_spamhaus and many customers were banned using the "Post" method. There is no way to deny mod_spamhaus ban continuously our customers making false positive or ban ...
User-N's user avatar
  • 265
0 votes
2 answers
170 views

Dealing with Apache spam

I am recieving a lot of suspicious requests which cause Apache to use a lot of memory (over 1GB) [Mon Feb 24 09:48:29 2014] [error] [client 120.37.238.125] PHP Fatal error: Allowed memory size of ...
vojty's user avatar
  • 3
6 votes
4 answers
4k views

How can I block outside mail FROM [email protected]?

A security firm has been testing my mail server and claims my Postfix daemon is an open relay. The evidence is as follows (valid public IP for mail.mydomain.com has been changed to 10.1.1.1 for ...
sventechie's user avatar
1 vote
3 answers
2k views

How to prevent Linux server from spamming?

I installed mail scanner for spam protection, but is there any script for Linux to notify me or email me that some one spaming on my server ?
Radhe's user avatar
  • 339
0 votes
1 answer
207 views

Global Authority for Blacklisting IPs

I know that there are few common ways to block attacking IPs (such as deny in htaccess). Additional to that, we could get a huge list of IPs to block from misc sites such as : http://www.okean.com/...
Raheel Hasan's user avatar
3 votes
3 answers
4k views

How to find which local process is sending spam on a Windows Server 2008 server

I am managing a Win Server 2008 system with a number of hosted web sites. Recently I found that something was sending spam through our SMTP server. The logs indicate that the connections were being ...
Al Crowley's user avatar
0 votes
1 answer
715 views

Security Risks of catch-all email address [closed]

What additional security issues does an MTA and email client face if a catch-all email address is setup on an sub-domain (that isn't published/publicly listed anywhere) compared with setting up ...
Jay's user avatar
  • 11
1 vote
1 answer
910 views

Why is FunWebProducts flooding my server?

I have received 47 000 hits in the past couple of hours from a single domain. I researched FunWebProducts but it seems to be some kind of a plugin, not sure how this is possible? 89.70.25.120 - - [03/...
giorgio79's user avatar
  • 1,887
-2 votes
2 answers
315 views

Nginx massive error.log, am I being DDOSed?

So I just opened up my Nginx error log as all my pages are throwing error code 500. It's enormous, my site is still in development and their are well over 100k errors for resources Nginx was unable ...
George Reith's user avatar
0 votes
1 answer
110 views

Common ways of spam files ending up in a web directory

A friend discovered a bunch of spam files in his web directory on his web host the other day. He has no idea where they came from, and I'm not quite sure either. What are common security breaches ...
Svish's user avatar
  • 7,307
2 votes
1 answer
540 views

Issue of tracking an email that was "lost in cyberspace"

The issue here is one of an email that has been "lost in cyberspace." The receiver is claiming never to have received it. However, I recieved an automated out-of-office reply as a response to my email....
James's user avatar
  • 23
0 votes
1 answer
105 views

Published and updated mass email statistics?

I'm wondering if someone is publishing statistics on email usage on the internet. The main number I'm looking for is average message size on a large scale sample data over time. If someone doing ...
ManiacZX's user avatar
  • 1,646
0 votes
4 answers
2k views

Unexpected requests from an IP in San Antonio.. should I worry?

I've noticed on my server log that I receive unexpected requests from an IP in San Antonio. Is this spam ? They visit phpMyAdmin, admin.. etc is this spam ? 184.106.130.137 184.106.149.110 - [21/Nov/...
aneuryzm's user avatar
  • 1,754
5 votes
2 answers
382 views

Attack from anonymous proxy

We got attacked by some very-bored teenagers registering in our forums and posting very explicit material using anonymous proxy websites, like http://proxify.com/ Is there a way to check the ...
mmgn's user avatar
  • 51
0 votes
2 answers
3k views

SMTP hacked by spammer using base64 encoding to authenticate [closed]

Over the past day we've detected someone from China using our server to send spam email. It's very likely that he's using a weak username/password to access our SMTP server, but the problem is that he ...
robotmay's user avatar
  • 115
1 vote
3 answers
408 views

Blocking a distributed, consistent spam attack? Could it be something more serious?

I will do my best to try and explain this as it's strange and confusing to me. I posted a little while ago about a sustained spike in mysql queries on a VPS I had recently setup. It turned out to be a ...
mattmcmanus's user avatar
82 votes
11 answers
91k views

Dealing with HTTP w00tw00t attacks

I have a server with apache and I recently installed mod_security2 because I get attacked a lot by this: My apache version is apache v2.2.3 and I use mod_security2.c This were the entries from the ...
Saif Bechan's user avatar
6 votes
4 answers
4k views

How do you test a new email filtering system?

What method do you use to test or evaluate potential new email filtering systems before you set it up on your production network? I am particularly interested in methods that are appropriate for ...
Zoredache's user avatar
  • 132k
5 votes
7 answers
16k views

How to check my linux server isn't spamming

I'm worried about dodgy php scripts or other malicious software on my linux server sending out spam. Or maybe I left an open relay What are the ways to check I'm not sending any spam out?
aidan's user avatar
  • 615
0 votes
2 answers
300 views

I found a Ukranian spammer and have the exact query, IP and access time. What next?

Before I turned on comment moderation, these guys would leave comments meant to steal my Google juice (by getting an inbound link). I can still see them visit... the question is what should I do next?...
user avatar
3 votes
5 answers
1k views

Blacklisting: IP's or domains?

I am implementing a blacklisting system on my website that monitors contact forms for suspicious usage (both spam content and excessive frequency). When I find somebody / robot that meets my criteria ...
johnnietheblack's user avatar
0 votes
2 answers
2k views

Server hacked for SPAM, The BAT in X-Mailer

Our server has been hacked and I am trying to track down the cause. The server is being for SPAM purposes and it looks like IIS is being using to send the emails as the badmail and queue folder are ...
user18129's user avatar
  • 111
3 votes
5 answers
243 views

What Security Suite to choose?

What security suite would you recommend in an environment consisting of roughly 120 PC's and some 30 servers? Environment is MS only, so Exchange and ISA must also be supported.
user11925's user avatar
23 votes
9 answers
44k views

Relatively easy way to block all traffic from a specific country?

I have a web app that has no users in the Philippines, but is constantly bombarded by spammers, carders testing cards, and other undesirable activity from there. I can see in the logs that they have ...
2 votes
4 answers
308 views

What is the best way to deal with spam or virus infected hosts in wireless network with personal laptops?

What is the best way to deal with spam or virus infected hosts in wireless network with personal laptops (like personal students laptops in university)? What polices and tools use your company?
Kazimieras Aliulis's user avatar
4 votes
3 answers
528 views

How to detect form spamming on your web servers?

If you run hundred of web sites on your servers, what it is the most efficient, automated way to detect if bots are using your HTML forms to send spam email, even if your forms have some kind of ...
splattne's user avatar
  • 28.6k