Referrer spam is traffic from bots that impersonate a referral link. The pseudo traffic is designed to make their domain show up in your site analytics so that you’ll visit the site. Referrer spammers just forge the referrer of a http request to make their site show up in your logs/statistics. More information: http://blog.raventools.com/stop-refe..
rogue scripts, with the following two websites being useful for this practice: http://www.stopthehacker.com/ http://www.exploit-db.com/ The following two websites can also be highly useful as additional resources when experiencing a security compromise. http://google.com/webmasters/hacked/ http://stopbadware.org/webm..
Check the header of an email X-Spam-Status: No, score=0.1 X-Spam-Score: 1 X-Spam-Bar: / X-Ham-Report: Spam detection software, running on the system “server.domain.com”, has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn’t spam) or label similar future email. If you have ..
Check the mail queue in a plesk server: # /usr/local/psa/admin/bin/mailqueuemng -s mail queue is full of spam type messages like this: Subject: Mr.: 14623c9d 65% off for you! Sale Sale Sale!! Vigara – 0.54$, Cilias – 1.09$, Levtira – 1.15$.. and more more more… ” Steps to take: 1. Check the mail queue for suspicious ..
RE: http://kb.parallels.com/en/114845 [stextbox id=”info”]Symptoms: Many email messages are sent from PHP scripts on the server. How can I find the domains on which these scripts are running if I am using Postfix?[/stextbox] [stextbox id=”warning”]Note: This article is for Postfix. If you are using the Qmail mail server, see this: http://geekdecoder.com/troubleshoot-qmail-spam/[/stextbox] Resolution Many email messages are sent from ..
PHP Spam Scripts I finally decided this topic deserves its own page. To find the script sending spam Plesk Ver -11.0 cat /var/www/vhosts/domain.com/statistics/logs/access_log | grep POST > /tmp/post.log Ver 11.5+ cat /var/www/vhosts/system/domain.com/statistics/logs/access_log | grep POST > /tmp/post.log WHM cPanel cat /usr/local/apache/domlogs/domain.com | grep POST > /tmp/post.log View the results cat /etm/post.log 22.214.171.124 – – [02/Jan/2014:10:51:41 ..
To stop Spam: drop SMTP on port 25, 465 and 587 to prevent further spam from being sent out by running the following commands: # /sbin/iptables -A INPUT -p tcp –dport 25 -j DROP # /sbin/iptables -A OUTPUT -p tcp –dport 25 -j DROP # /sbin/iptables -A INPUT -p tcp –dport 465 -j DROP # ..
If you cannot send emails to Outlook or Hotmail or MSN, then your server’s IP address maybe blacklisted. Here are some tips to get removed from the MSN blacklist. Before jumping through the blacklist removal hoops, you may want to double-check that your emails are not simply going into the spam folder. This process will ..