Tutorial for How to Stop Spammers From Abusing Your Web Hosting Server

Advertisements

Tutorial for How to Stop Spammers From Abusing Your Web Hosting Server

Today, spam is a fact of life. Because of the daily spam deluge (and those over-zealous anti-spam systems) many email communications require a follow up phone call… “did you get my email?”

If you send emails through your virtual server , operate a web hosting business or host your email accounts with a web hosting company, you have likely had some trouble getting your emails through. Beacuse the reason is that your server has been used to send spam without your knowledge. Most of today’s web hosting companies employ automated protection to stop such things, and catch abuse before it gets out of hand. But spammers are getting more and more clever and an increasing number of stealth spamming techniques can bypass these systems easily.

Most of the web hosting companies resell their web hosting and their resellers (unbeknownst to them) send out spam. This can result in the blacklisting of the entire server, and everyone on it, which will keep most (if not all) emails sent from the server from ever reaching their destinations. Of course, it is the web host’s responsibility to carefully monitor their clients and web sites on their server(s) to make sure this never happens. Traditionally, this hasn’t been too difficult. Today’s modern web hosting systems employ advanced abuse tracking and header info in every email making it easy to catch and stop this type of abuse before it becomes a problem.

Lately, however, this has become a lot harder. There is a new wave of spam abuse that hides under the radar, bypassing the web server’s normal email system(s) by opening up a small cgi program, which then operates as a small mail sending server, which then floods spam out onto the Internet. Unfortunately, none of the traditional monitoring systems are able to detect this sort of stealth spamming. Naturally, for this reason, it has become very popular.

So let’s Learn How to stop or Prevent spamming on your server.

First, login to your cPanel server via the unix shell and install CSF firewall. Follow the usual instructions here:


mkdir /usr/local/src
cd /usr/local/src
wget http://www.configserver.com/free/csf.tgz
tar xfz csf.tgz
cd csf
./install.sh 

On a cPanel based server, all the default settings are what you want, with 2 exceptions:

Open the configuration file in your favorite text editor (/etc/csf.conf) and change the following lines:


TESTING = “1″ change to TESTING = “0″

NEXT:  you need to change 2 more lines, the SMTP_BLOCK and SMTP_ALLOWLOCAL to the following values:


SMTP_BLOCK = “1″

SMTP_ALLOWLOCAL = “0″

This will block outbound emails from anyone other than the mail server software, and prevent any unauthorized access to the mail daemon from local scripts.  Your web hosting clients, and web pages will still be able to send email like before (they use a proper method of communicating to the mail daemon already, this above trick is just to block stealth spammers from working).

Now restart the firewall by typing:


/etc/init.d/csf restart

If all goes well your server will now be protected by a firewall with an added check to prevent spammers from sending emails that avoid the normal php_mail or other local mail sending method (which lets you track and log all emails, put in abuse headers by default, etc.).

Advertisements