Skip to content

Menu
  • Home
  • Linux Hosting
  • WordPress
  • PHP
  • cPanel
  • Digital Marketing
  • Linux Reseller Hosting
  • VPS
  • Dedicated Server
  • Tutorials
  • Website Development
  • Client Area
April 20, 2022
HomeTutorialsHow To Protect Your Server From Spam Emails?

How To Protect Your Server From Spam Emails?

By Faisal K Tutorials, Webmails, WHM  0 Comments

How To Protect Your Server From Spam Emails?

Summary:

Nowadays, when the spammer has increased widely. It’s crucial to protect your server and client’s emails from sending spam emails. Well, here in this tutorial, we’ll walk you through several methods to keep your server from sending out spam or junk mail. Generally, bulk email senders are the culprits behind spam emails used for commercial purposes but in a huge volume by a botnet or a network with a compromised computer. However, you can follow some basic instructions to protect your server from sending out spam emails.

Protect Your Server From Sending Spam Emails
Protect Your Server From Sending Spam Emails

4 Ways to Protect Server from Sending Spam Emails

There are several different ways to protect your server from sending spam or bulk emails to others. Follow the below steps to know some of them:

  1. You can create SPF records for every client or make it mandatory for everyone to enhance your email security.
  2. Recommend every client to use a strong password for every cPanel and email account on the server. You can also force cPanel users to change their passwords from your WHM by navigating to the Account Functions > Force Password Change option.

    Force Password Change in WHM
    Force Password Change in WHM
  3. Make sure to upgrade your plugin, software, and themes on every website. Keeping your addons up-to-date could help you avoid any compromise or vulnerability.
  4. Always use ReCaptcha on every sensitive page of websites. ReCaptcha is a Turing test used to protect the page from bots. It is used to tell if a visitor is human or not. Using ReCaptcha is highly recommended as prevents automated bots from submitting info, which could flood your server with numerous unnecessary requests.

So, the above are some basic techniques that you can use to prevent your server from sending spam emails. But, the question arises, is this enough to protect servers from sending out spam emails? NO!! Even with these tactics, your server will still send out spam.

How To Detect if a Server is Flooded With Spam Emails?

If you’re receiving tickets from your clients that they’re unable to send or receive emails, or the emails they’re sending have ended up in the spam folders. If this occurs, we recommend you take some additional steps by following the below article to eliminate the problem.

You can start by tracking the source of spam. In most cases, it is either an existing email account or a PHP mailing script running on the server. If you found the email address from where the spam is going, you should immediately change the password of it. If a mailing script is causing the spam, disable the script or delete the script file once you find its exact location.

The process to detect the source of the spam is mentioned below. You’ll be needed WHM or Root access to your server to perform this task.

Detect Spam Email Sender Using The “Mail Queue Manager” in WHM

  • Log into your WHM panel.
  • Either navigate to the Email > Mail Queue Manager or simply type mail in the left-corner search bar and click over the Mail Queue Manager option from the result.
Mail Queue Manager
Mail Queue Manager
  • Enter the search term.
Email Search Query
Email Search Query
  • A list of messages during the selected period will be displayed. Check for the messages or senders that are continuously repeating. You can examine the messages more closely by clicking over the Magnifier icon.
Find Spam Email Sender
Find Spam Email Sender
  • Check the following details to examine the spammer.
    • From
    • Subject
    • To
Received: from username by exampledomain.com with local (Exim 4.93) 
(envelope-from <something@exampledomain.com>) 
id 1l0OgK-000413-I8 
for a1tasks@host2.getintodigital.com; Fri, 15 Jan 2021 18:30:01 +0530 
From: "something@mydomain.com> 
To: test@redserverhost.com 
Subject: Additional and easy income to earn today 
X-PHP-Script: exampledomain.com/index.php for 123.456.78.90
X-PHP-Originating-Script: 1153:class-phpmailer.php
Content-Type: text/plain; charset=UTF-8
  • A sender that has sent too many emails with a single subject is more likely to be a spammer.

Disable the Spamming Email Account Immediately

Focus on the from and the subject of the email. If it sounds spammy, you should change the password of that email as soon as possible or you can temporarily disable the email account to prevent spamming. Once you change the password of the spammy email account, the continuous spamming should be stopped in a couple of minutes. If not, you can follow the other method.

Disable the Mailing Script

Sometimes, the information in the from remains blank or does not provide the email address. In this case, take a look at the X.PHP-Script or X-PHP-Originating-Script commands. Analyze both commands and you’ll find the domain name associated with the spamming script and an IP Address

X-PHP-Script: exampledomain.com/index.php for 123.456.78.90

You will also be able to view the name of the malicious PHP file.

X-PHP-Originating-Script: 1153:class-phpmailer.php

Now you have got the domain name and name of the malicious PHP file. Simply log in to your WHM account and navigate to the List Accounts section.

Log into that cPanel account and delete the malicious file that is class-phpmailer.php in my case.

You can find the exact location of the malicious script on your server from SSH. Simply log into your SSH with WHM credentials, and follow the below command.

find /home/user/public_html -type f -name 'class-mailer.php'
Note: 
Do not forget to replace /home/user/public_html path with your own path. 
Replace class-mailer.php with the PHP script you got. Do not copy mine. It won’t work for you.
Once you find the script, use the below command to disable the script by restricting its permission to 0.
chmod 000 /path/to/script

Once the spam stops, navigate to the Mail Queue Manager and delete or clear all the emails from that particular email address.

That’s It.


We hope that this article will help you decrease the spam emails from your server. If you still have any doubts, you can visit Redserverhost.com and open free chat support. Our experienced Technical Support Team will be happy to assist you.

Other than this, you can contact us on Facebook or Twitter for any further inquiries & suggestions.

Tags:create spf record, Detect if a server is sending spam emails, Disable Mailing Script, Disable Spamming Email Account, Email, force cpanel to change password, From, linux commands, Magnifier, Mail Queue Manager, Mailer Script, mails, php script, protect server from spam emails, putty, ReCaptcha, spammy emails, ssh, Subject, whm, whm root

Related Posts

How to set default mail ID in WHM for SOA record?

How to set default mail ID in WHM for SOA record?

how to customize cpanel account moved page in whm reseller - redserverhost.com

How to customize the cPanel account moved page in WHM Reseller?

How to Apply tawk.to Live online chat system in your website

How to Apply tawk.to Live online chat system in your website?

Search

Our Recent Posts

  • Website Down! Are you not able to access a particular website on your PC?
  • How to Manage Customer Addresses in AbanteCart?
  • How to Fix “Add New Plugin Menu Not Showing” In WordPress?
  • How to Add YouTube Subscribe button to your WordPress website?
  • How to Disable WordPress Plugins from Database?

Categories

Search

Red Server Host Copyright © 2023.
Powered by Skillvent Technologies Pvt. Ltd. . Back to Top ↑