The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
||||
|
||||
Bounced Email Woes
Having a severe bounce email problem with a client's site since the host "fixed" their hosting. They "fixed" it by moving them to a bigger more expensive hosting plan which is not working much better than the plan they had before. To make a long story short it never fixed the initial problem that we had to begin with and now the client gets hundreds of bounced emails pretty much every day since the switch.
The hosting company in their infinite wisdom cited that we should turn off the MAILER-DAEMON and that would solve the problem completely. If we just turned this off all our troubles would be over. I'm not so sure about that personally. I think they are idiots personally. This is the information they gave my client on turning it off: Quote:
So my question to everyone is how do I go about trying to find and fix this problem with the email? How do we find why there are hundreds of bounced emails in this account. What steps should I take? Is it safe to edit this file via SSH? Or is the host full of s***? If its ok to edit this file via SSH? How do I navigate to it using SSH? Its not that common that I use SSH to design a web site, so I do not know the commands to navigate to files or where they are. And of course there was nothing on the host's site that was remotely helpful. What I have tried already: 1. Checking the settings in the WHM. 2. Checking the settings in the cPanel. 3. Enabled SpamAssassin. 4. Removed email accounts that seemed wrong that the client did not remember creating. 5. Have done several hours of research online/google looking for an answer and have found nothing that tells me what I need so far. Any help would be great! Thanks. |
#2
|
||||
|
||||
Make sure they have an SPF and that the MX records are correct, check the "from" domain is correct, in fact there's lots to check that moving server could have broken, try out http://www.dnsstuff.com/tools you have to register for free to use the professional toolset but it will help you a lot
|
Благодарность от: | ||
RichieBoy67 |
#3
|
||||
|
||||
As for editing that file it is not a solution and the file will most likely be over written after cpanel/whm updates.
You will have to set up the mail server/dns according to anti spam regulations. What do the headers in the bounced emails say? What do you get in http://mxtoolbox.com ?? |
#4
|
||||
|
||||
Thanks I'll take a look at these on Monday and see. Richie yeah I was pretty much thinking the same thing. I really did not think the hosts "Fix" was gonna fix anything. *sigh*.
|
Благодарность от: | ||
RichieBoy67 |
#5
|
||||
|
||||
WOW - digging around in WHM cPanel while waiting for some of the tests to load and to me it looks as if possibly the email account has been hacked. What do you guys think?
I'm in the View Mail Statistics Summary area and under the heading: Top 50 sending hosts by message count I see these hosts as senders I assume: ip1.grsrv.com (wf41wb6.myrename.com) (l7erx.renameweb.com) (marketmindful2.com) (nativespace-janus.ns-janus.com) (grandpat.info) (lloydstsb.co.uk) m5.myzamanamail.com (ip-static-74-121-182-135.as5577.net) (mailserver.localhost.com) fordtruckin.com m1.myzamanamail.com (acreflubgh0121.com) (h2zmoj.renameweb.com) mail02.feedblitz.com mta65250.mxmfb.com r26.hello.channel4.com pc-175-63-100-190.cm.vtr.net hot-train.com mout.gmx.com (bldprssure0128.com) m10.myzamanamail.com (fight4fam0128.com) jest8.jestpil.org (gmail.com) 106-85.mta.dotmailer.com (februdeals.co) mail2146.lakelandltd.mkt2684.com (datecommunity.co) (topwindowglass.net) spruce-goose-af.twitter.com spruce-goose-al.twitter.com spring-chicken-ar.twitter.com mail23.members.csnstores.com mail4.members.csnstores.com smtp083.myfanbox.com (static.ttnet.com.tr) cpe-066-056-189-213.sc.res.rr.com mail.aaftexteis.pt (rectifyeliminate.co) smtp076.myfanbox.com smtp077.myfanbox.com nitrogen-onsise.cccampaigns.com (truefreecredit.org) 68-170-59-100.mammothnetworks.com mail1767.messages.eno.org 61-227-9-71.dynamic.hinet.net fw.dabs.com adsl-68-91-199-150.dsl.snantx.swbell.net If this is a hacked situation how do I fix this? I'm used to fixing a hacked vBulletin but not an email server. Shouldn't the freaking host be fixing this crap since they are the ones who ultimately caused it anyways?!?!? I've attached three screens from the site suggested by Simon. I'm not sure what exactly some of that means on those warnings. Where do I make those changes or is that something the host should do? |
#6
|
||||
|
||||
I've checked and your DNS is mismatched and your SPF failed too! Your email system is set to NOT relay mails which is a good thing. If your server is compromised at all it must be sending mails direct rather than via another host.
Can you post or PM me an entire header of a suspect mail? you can get ith through looking at the mails via WHM. |
#7
|
|||
|
|||
Do you use shared hosting? This stuff always happens with shared hosting, some websites get hacked and are then backdoored to be used for email spamming and DDoSing.
|
#8
|
||||
|
||||
Nope this is on a dedicated server or at least its supposed to be. This is one reason why I do not think the host is all together knowledgeable.
|
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|