dns – A foreign domain points to the server and sends spam

I have a really weird one. I run a web hosting server that is blocked by some vendors that use Cloudmark. I contacted customer support and they came back with an email header that unfortunately sends spam.

Received: from sub.domain.example ((1.1.1.1(my servers ip)))
Subject: sven.n.nilsson,=?utf-8?q?=62=65=6b=72=c3=a4=66=74=61=20=64=69=74=74=20=64=65=6c=74=61=67=61=6e=64=65=2e=2e=21=21=21?=
From: =?utf-8?q?=53=77=65=64=69=73=68=20=6d=65=74=68=6f=64?=  

The header indicates that the mail is coming from my server. But how is this possible? I have a closed relay and there is no mailbox for this domain. In addition, the domain points to the IP of my servers. How can I prevent it from rigging e-mail headers and pointing to the IP of my servers?

Why XRP pump [scrubbed spam] an idea? [closed]

I have seen in many chat rooms that many users are selling xrp at the rate of 0.00003278 BTC, but the rate is now 0.00002978 bitcoin. why [spam cleaned up] pumping xrp and I've seen a lot of people selling xrp out there why?

Spam passing Postfix config: "hostname does not resolve to address: No address associated with hostname"

On a Postfix MX MTA configuration, I have spam getting past two checks, which should absolutely not be the case.

The postfix/smtpd process logs these warnings, which should be a hard failure in this configuration:

  • hostname * does not resolve to address *: No address associated with hostname
  • Unable to look up MX host * for Helo command *: No address associated with hostname

The relevant mail log is:

postfix/smtpd: warning: hostname peggy-langley.colormemobile.com does not resolve to address 45.58.139.69: No address associated with hostname
postfix/smtpd: connect from unknown(45.58.139.69)
postfix/smtpd: warning: Unable to look up MX host mail.intrcomm.net for Helo command eldoark.com: No address associated with hostname
policyd-spf: prepend Received-SPF: Neutral (mailfrom) identity=mailfrom; client-ip=45.58.139.69; helo=eldoark.com; envelope-from=dohayokgalenobe@verizon.net; receiver=
postgrey: action=greylist, reason=new, client_name=unknown, client_address=45.58.139.69, sender=dohayokgalenobe@verizon.net, recipient=

It should not even touch blocking lists or additional checks that would block it later.
Here's why:

  • 45.58.139.69 has a PTR record peggy-langley.colormemobile.com, but this domain does not have an IP A / AAAA record (or MX record).
  • HELO's eldoark.com has an MX record mail.intrcomm.net, but this subdomain does not have an IP A / AAAA record.

I cannot find any postconf parameters that could turn these warnings into errors, and I wonder if I should write my own check here.
Postfix is logging the warnings, so it is aware of the problems; hopefully I am missing something?


The MTA configuration has

smtpd_delay_reject = yes    
smtpd_helo_required = yes
smtpd_helo_restrictions =
    (...)
    reject_unknown_helo_hostname,
    (...)
    permit

and

smtpd_sender_restrictions =
    (...)
    reject_unknown_sender_domain,
    (...)
    permit

and I would have thought that one or the other or both should have dropped that connection, but on closer inspection, these checks seem insufficient here:

reject_unknown_helo_hostname: Reject the request when the HELO or EHLO host name does not have a DNS A or MX record.

Clearly, the HELO domain has an A and MX record (only the MX cannot resolve). So, that seems to be passing.

reject_unknown_sender_domain: Reject the request when Postfix is not the final destination for the sender address, and the MAIL FROM domain has 1) no DNS MX and no DNS A record, or 2) a malformed MX record such as a record with a zero-length MX hostname.

MAIL FROM (dohayokgalenobe@verizon.net) is clearly forged, so it does not help at all?
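
A check of the kind the question above considers writing, as an added example (not code from the post or from Postfix): the decision logic of a Postfix policy service (`check_policy_service`) that rejects on the two conditions behind the logged warnings. The resolver functions and the DNS table are constructed stand-ins so the block runs offline; a real service would query DNS and answer requests on a socket.

```python
import ipaddress

# Constructed DNS data mirroring the post: the PTR name has no address record,
# and the HELO domain's only MX target has none either. 192.0.2.x are placeholders.
ADDRS = {"eldoark.com": {"192.0.2.10"}, "mx.good.example": {"192.0.2.25"}}
MX = {"eldoark.com": ["mail.intrcomm.net"], "good.example": ["mx.good.example"]}

def resolve_addrs(host):   # hypothetical resolver: A/AAAA lookup
    return ADDRS.get(host, set())

def resolve_mx(domain):    # hypothetical resolver: MX target names
    return MX.get(domain, [])

def parse_request(text):
    """Policy delegation request: name=value lines, ended by an empty line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, _, value = line.partition("=")
        attrs[name] = value
    return attrs

def decide(attrs, addrs=resolve_addrs, mx=resolve_mx):
    try:
        ip = ipaddress.ip_address(attrs.get("client_address", ""))
        ptr = attrs.get("reverse_client_name", "unknown")
        # Check 1: the PTR name must resolve back to the connecting address.
        if ip not in {ipaddress.ip_address(a) for a in addrs(ptr)}:
            return "REJECT Client host name does not resolve to client address"
        # Check 2: if the HELO name has MX records, one target must have an address.
        helo = attrs.get("helo_name", "")
        targets = mx(helo)
        if targets and not any(addrs(t) for t in targets):
            return "REJECT No MX host for HELO name has an address"
        if not targets and not addrs(helo):
            return "REJECT HELO name has no A, AAAA or MX record"
    except ValueError:
        return "DUNNO"  # unparsable address: leave it to other restrictions
    except LookupError:
        # A real resolver should raise on temporary DNS errors: defer, not reject.
        return "DEFER_IF_PERMIT Temporary DNS failure"
    return "DUNNO"

def handle(text):
    """Wire response Postfix expects: one action line plus an empty line."""
    return "action=%s\n\n" % decide(parse_request(text))

SAMPLE = (  # constructed from the values in the log lines above
    "request=smtpd_access_policy\nprotocol_state=RCPT\n"
    "client_address=45.58.139.69\nclient_name=unknown\n"
    "reverse_client_name=peggy-langley.colormemobile.com\n"
    "helo_name=eldoark.com\nsender=dohayokgalenobe@verizon.net\n\n"
)
```

Postfix's built-in `reject_unknown_client_hostname` applies the first check natively; the second tests more than the documented behaviour of `reject_unknown_helo_hostname` quoted in the question.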

grabber or prospect with spam folder monitoring macro

I understand that catchall is the way forward for most people here
but would not I get a similar or better success rate to Freemail like outlook.com and an unwanted bot / macro track record monitoring every 60 seconds and moving everything into the inbox? Outlook also allows as 5 aliases per account

Spam management | Talk Web Hosting

I need professional help guys! There is no better place to ask than here.

I'm running a VPS node with Virtualizor.

I had problems with some users who abused the network and used our services to send spam.

Is there any software available to run alongside, on top or on any other Virtualizor to handle / block outgoing spam?

I've watched the spam murder, but I do not think it suits my setup?

Any advice would be greatly appreciated.

UploadShip.COM – 100 $ All Countries, No POP-ADS – No Spam! | NewProxyLists

Hello.
Greetings to the members, administrators and visitors of this forum

We are happy to share our service with you.
https://www.UploadShip.com

UploadShip is a file hosting platform, which has been launched with high quality resources and services, services and servers, also with own ads, without pop-ads.
Image viewer.
Multimedia player (video / audio).
Fast payment.
High quality speed.
Big Storage.
Easy to use.
Own ads.
No Pop-Ads.
Safe deposit box.
No scam (never !!!)

Make money:

PPD: Fixed rates for all countries.

1_High rates (100 to 10000 downloads) All countries)
2_Fair, Safe, high quality counting system.

PPS: % 5 per sale.

You will instantly get 5% of any sale, renewal or other, even if you do not use your referral code ;)
Even if someone bought an account while downloading your files.

Check out the full rewards page and read it carefully here:
https://www.uploadship.com/plugins/rewards/site/rewards.php

Premium Accounts:

Storage space: Unlimited, you can download what you want – (We also offer 1TB for FREE accounts).
Duration of file storage: For all time, we will not delete your files.
Uploading multiple files: You can download multiple files, up to 5000 files at a time.
Uploads per day: Unlimited downloads 24/7.
By file size: 100 GB each file.
Publicity: No ads You will not see any ads.
Download time: No need to wait, instant downloads.

*** We have high prices because we do not use any pop or spam ads, we only use Adsense.
We also offer a high fixed PPD rate with UNLIMITED Everything.


Consult our plans:
https://www.uploadship.com/plans.html


Free premiums:
We offer a free premium account without PPD benefit.
If you are not interested in our PPD system and you do not want to earn money with
downloads, we offer a free premium account, just contact us. ;)

payments:

Withdrawal methods: You can request your payment via PayPal, WebMoney, BitCoin, ETH, USDT, CryptoCurrency, Wire transfer, Western Union also you can ask any withdrawal method you like, (Min – $ 10.);)

Contact Details:
1_Contact form> https://www.uploadship.com/contact.html
2_Live chat. On the site.
3_Wjunction. > Here or PM
4_SkyPe. > uploadshipfh
5_Facebook. > https://www.facebook.com/UploadShip

Please read the terms carefully.

Cordially!

gmail – I get too much spam

In the last 3 or 4 months, I have received a huge amount of spam. Most of it goes directly to bin, and then I have to report it as spam. I also have some that go directly to the inbox. Every day, I move Spam from the trash to the Spam folder. I sometimes have 10 or more a day, often at one time. I do not know where these spams come from, but I would like them to stop.
I also get some emails that I would like to directly go to my inbox, going straight to the trash – for example, Costa Coffee, Apple News, Starbucks, PDSA, Cole & Marmalade, Cats and Kittens, GBK. I would like these in my inbox.
I'm so fed up with gmail that, if it was not so painful to change email provider (so many accounts to update), I would have already changed.

Google analytics Keyword spam traffic [on hold]

While I was working on something, I would like to take a look because I have this problem and I can not find the real problem.
Please watch the video. help kindly.

cordially
Rajat

Postfix sends spam from localhost

My e-mail server is entered on all possible blacklists. When reading the logs, all I can see is that the client is my own server.

postfix/smtp/smtpd(8630): C98A122201F: client=localhost.localdomain(127.0.0.1)
postfix/cleanup(8653): C98A122201F: message-id=<97f1c4b272deb9161@geocities.com>
C98A122201F: no signing table match for 'aqw79@geocities.com'
opendkim(9112): C98A122201F: no signature data
postfix/qmgr(9221): C98A122201F: from=, size=13500, nrcpt=1 (queue active)
amavis(7260): (07260-05) Passed CLEAN {RelayedOutbound}, LOCAL (127.0.0.1):39180 (127.0.0.1)  -> , Queue-ID: C98A122201F, Message-ID: <97f1c4b272deb9161@geocities.com>, mail_id: OJ1Kze1afnBw, Hits: 2.272, size: 13441, queued_as: 0D1B622200E, 2790 ms
postfix/smtp(8660): C98A122201F: to=, relay=127.0.0.1(127.0.0.1):10024, delay=3.3, delays=0.49/0.01/0/2.8, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:(127.0.0.1):10025): 250 2.0.0 Ok: queued as 0D1B622200E)
postfix/qmgr(9221): C98A122201F: removed
postfix/smtpd(8663): 0D1B622200E: client=localhost.localdomain(127.0.0.1)
amavis(7260): (07260-05) smtp resp to MAIL (pip): 250 2.1.0 Ok
amavis(7260): (07260-05) smtp resp to RCPT (pip) (): 250 2.1.5 Ok
amavis(7260): (07260-05) smtp resp to DATA: 354 End data with .
amavis(7260): (07260-05) smtp cmd> QUIT
postfix/cleanup(8639): 0D1B622200E: message-id=<97f1c4b272deb9161@geocities.com>
postfix/smtpd(8663): disconnect from localhost.localdomain(127.0.0.1)
postfix/qmgr(9221): 0D1B622200E: from=, size=13992, nrcpt=1 (queue active)
amavis(7260): (07260-05) smtp resp to data-dot (): 250 2.0.0 Ok: queued as 0D1B622200E
amavis(7260): (07260-05) Amavis::Out::SMTP::Session close, disconnecting
amavis(7260): (07260-05) FWD from  -> ,BODY=7BIT 250 2.0.0 from MTA(smtp:(127.0.0.1):10025): 250 2.0.0 Ok: queued as 0D1B622200E
amavis(7260): (07260-05) DSN: sender is credible (orig), SA: 2.272, 
amavis(7260): (07260-05) status counters: InMsgsStatus{Relayed,RelayedUntagged,RelayedUntaggedOriginating,RelayedUntaggedOutbound}
amavis(7260): (07260-05) TIMING-SA total 2656 ms - parse: 3.2 (0.1%), extract_message_metadata: 22 (0.8%), get_uri_detail_list: 1.02 (0.0%), tests_pri_-1000: 32 (1.2%), tests_pri_-950: 1.63 (0.1%), tests_pri_-900: 1.19 (0.0%), tests_pri_-400: 22 (0.8%), check_bayes: 21 (0.8%), b_tokenize: 3.4 (0.1%), b_tok_get_all: 12 (0.5%), b_comp_prob: 2.4 (0.1%), b_tok_touch_all: 0.25 (0.0%), b_finish: 0.79 (0.0%), tests_pri_0: 2557 (96.3%), check_spf: 0.37 (0.0%), check_dkim_adsp: 66 (2.5%), poll_dns_idle: 62 (2.3%), check_razor2: 2032 (76.5%), check_pyzor: 398 (15.0%), tests_pri_500: 7 (0.3%), get_report: 0.98 (0.0%)
amavis(7260): (07260-05) sending SMTP response: "250 2.0.0 from MTA(smtp:(127.0.0.1):10025): 250 2.0.0 Ok: queued as 0D1B622200E"
amavis(7260): (07260-05) size: 13441, TIMING (total 2796 ms) - SMTP greeting: 2 (0%)0, SMTP EHLO: 1 (0%)0, SMTP pre-MAIL: 1 (0%)0, lookup_sql: 4 (0%)0, SMTP pre-DATA-flush: 1 (0%)0, SMTP DATA: 37 (1%)2, check_init: 1 (0%)2, digest_hdr: 1 (0%)2, digest_body_dkim: 0 (0%)2, mime_decode: 8 (0%)2, get-file-type1: 16 (1%)3, parts_decode: 0 (0%)3, check_header: 1 (0%)3, AV-scan-1: 14 (1%)3, spam-wb-list: 1 (0%)3, SA parse: 5 (0%)3, SA check: 2650 (95%)98, decide_mail_destiny: 9 (0%)98, notif-quar: 1 (0%)98, fwd-connect: 6 (0%)99, fwd-mail-pip: 11 (0%)99, fwd-rcpt-pip: 0 (0%)99, fwd-data-chkpnt: 0 (0%)99, write-header: 0 (0%)99, fwd-data-contents: 0 (0%)99, fwd-end-chkpnt: 10 (0%)99, prepare-dsn: 1 (0%)100, main_log_entry: 8 (0%)100, update_snmp: 2 (0%)100, SMTP pre-response: 0 (0%)100, SMTP response: 1 (0%)100, unlink-1-files: 0 (0%)100, rundown: 1 (0%)100
postfix/qmgr(9221): 0D1B622200E: removed

LOCAL (127.0.0.1):39180 (127.0.0.1) is linked to amavis because it indicates that my own server sends these spams and I do not see where it is made. If it was an infected site, like some, which runs on PHP, I would see something with uid = (apache uid) on the client's log line; this is not the case and it drives me crazy. Can someone who has already faced this help me?

wordpress – Real-time Google console test shows html spam

I think my site has been hacked. When I launch a page in Google's Structured Data Testing Tool, I receive a spam version of my page. The first thing I did was restore the site from a backup prior to the hack. Then, I located malicious files on my server, which I have since deleted. I then contacted my hosting provider; they performed an analysis on my website and said that there was no problem with the site and that everything was clean.

However, viewing another page on the website with Google's Structured Data Testing Tool and with the live URL inspection in Google Console revealed HTML spam.

Access to the website via a direct link did not pose the problem. The problem lies solely in the way Google sees the website. Does the problem persist with my website? I thought it might have been a Google cache problem, but it seems odd that their live test is caching results.