Mitigate spam from web

Discussion in 'Installation/Configuration' started by maxxer, Dec 17, 2012.

  1. maxxer

    maxxer Member

    hi.

    We recently migrated several sites to ispconfig, and these days I noticed a huge spam activity generating from our server.
    in the meantime while I look for the site used for this activity, is there some action we can take to mitigate the abuse of web scripts used for mailings?

    we're not using ispconfig as mailserver, just for sites mailing

    thanks
     
  2. maxxer

    maxxer Member

    found out it's an outdated wordpress site.

    is it possible to monitor such events?
    i.e. can amavis find common scripts, like WSO?
     
  3. pititis

    pititis Member

    Hello,

    If you are the administrator you can do everything.

    - Locate the script and check how and who is abusing it.
    - Disable features for this site if your customer doesn't need them. (cgi, python, perl, ssi, ruby)
    - Check for malware, php shell ... with clamav and rkhunter.
    - Force smtp auth
    - Disable mail() function

    Please note that I don't know nothing about your customer or your server.

    Cheers!
     
  4. maxxer

    maxxer Member

    thanks pititis,
    my question was generic, on purpose. As I added I managed to stop this specific site and infection, what I wanted to know is if, for example, could be possible to execute a "clamav" on every uploaded file so that if it's a shell script or maliciuos file could be catched, or at least a warning triggered.

    Some "watcher" with the current settings.

    thanks!
     
  5. Croydon

    Croydon HowtoForge Supporter

  6. maxxer

    maxxer Member

    very interesting, thank you very much!
     

Share This Page