Spam Mail

Discussion in 'Masalah Teknik dan Keamanan' started by cikay, 23 Jul 2014.

Thread Status:
Not open for further replies.
  1. cikay

    cikay Beginner 1.0

    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Tuan saya ada server buat saya doank..nah web2 saya pada pake cms wp..
    cms wpnya banyak banget spamnya..tiap seminggu sekali saya harus urus delist manual
    lama2 capek juga nyariin mana sumber spam.. satu web di bersihin spamnya besok masuk spam di web yg lain..

    trus juga ketika saya ngirim email ke 1 alamat..saya cek headernya saya kirim ke banyak alamat jadinya..

    gimana cara ngatasinya ya..saya coba scan pake clamav .. file yg terinfeksi kaga ngaruh apa2..
    coba pakai banyak security plugin di wp..tetep tembus..help saya ud mau frustasi nih..

    klo perusahaan hosting yg gede2 buat nanganin ini pakai apa ya?

    saya pake os centos sm kloxo panel apa yg harus di setting ya untuk mencegah atau setidaknya meminimalisir kaya pembatasan pengiriman email per jam atau hanya alamat email tertentu yg boleh kirim email..
     
  2. dhyhost

    dhyhost Hosting Guru Web Hosting

    Messages:
    3,950
    Likes Received:
    615
    Trophy Points:
    113
    spamnya apa ? komentar?
    kalau komentar pakai aja akismet, atau kolom komentarnya diganti pakai facebook comment ada disqus saja,
     
  3. cikay

    cikay Beginner 1.0

    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    spamnya pharma attack Tuan..
     
  4. sigmabisnis

    sigmabisnis Hosting Guru Web Hosting (Company)

    Messages:
    2,184
    Likes Received:
    144
    Trophy Points:
    63
    Apa mungkin itu Spam open relay mail Tuan? atau mungkin karena ada yg nyusup ke file php injection, sehingga spammer nya pake php mail.
     
  5. vishualhost

    vishualhost Expert 2.0

    Messages:
    813
    Likes Received:
    81
    Trophy Points:
    28
    1. bisa di setting Tuan untuk config mailnya buat block auto / silent remove untuk spam2 pharmacy , gambling dsb bisa di googling caranya ada kok tergantung mail servernya memakai apa , exim , postfix dsb
    2. atau jika ini email hanya buat mas saja yg akses dibatasi akses mailnya aja dr ip / isp yg mas pakai buat blocking brute force dari luar ke mail mas -> ini bisa diset dalam confignya email server mas tersebut sama seperti no 1
    3. jika spam berasal dr php scripting bisa dicari dari log access php nya biasanya dari sana ketahuan access log sesuai mail itu terkirim datenya

    masih banyak lagi sih cara lain buat meminalisirnya mas , tergantung mas nya mau berexplor , jadi nda usah furstasi hehe
     
  6. cikay

    cikay Beginner 1.0

    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    iyah Tuan php injection tiap hari saya ngapusin file2nya kalau 3 hari g di hapus bisa puluhan file yg ke hiden mencar2

    1. saya pake qmail Tuan, ini email masuk apa keluar ya Tuan?
    2 . kayany ini engga
    3. iyah dr php scripting log access phpnya banyak isinya jd bingung
     
  7. thelor

    thelor Beginner 2.0

    Messages:
    18
    Likes Received:
    2
    Trophy Points:
    3
    maaf urun rembug,
    yang jelas musti dicari dari mana scripting tersebut masuk atau di injeckkan, entah bruteforce, bug plugin/module,dll.
    salah satu yang saya pake untuk meminimalisir spam script ini adalah pake csf (configserver firewall) disitu ada fungsi LF_SCRIPT_ (alert, limit, action,permision), dan yang saya terapkan seperti ini,
    - lf_script_alert = 1 (untuk memberitahu jika ada php script yg ngirim email diatas limit)
    - lf_script_limit = 100 (nilai terserah nyamannya)
    - lf_script_perm = 1 (ini akan merubah permission folder ke 0000)
    detailnya mungkin bisa dibaca di readme csf
     
    BikinDesainSitus likes this.
  8. cikay

    cikay Beginner 1.0

    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1

    makasih banyak .. spertinya cuma ini yg bisa menanggulangi spam itu ..
     
  9. Putra.Mahameru

    Putra.Mahameru Beginner 2.0

    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    bisa di paste header email spamnya?
     
  10. cikay

    cikay Beginner 1.0

    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    nih Tuan ..

    Hi. This is the qmail-send program at nameserverane.com.
    I'm afraid I wasn't able to deliver your message to the following addresses.
    This is a permanent error; I've given up. Sorry it didn't work out.

    <ambrak@bellezzatanandsalon.com>:
    User and password not set, continuing without authentication.
    68.178.213.37 does not like recipient.
    Remote host said: 550 5.1.1 <ambrak@bellezzatanandsalon.com> Recipient not found. <http://x.co/irbounce>
    Giving up on 68.178.213.37.

    <aallmon622@3rdiqc.com>:
    User and password not set, continuing without authentication.
    208.65.145.3 does not like recipient.
    Remote host said: 553 Invalid recipient aallmon622@3rdiqc.com (Mode: normal)
    Giving up on 208.65.145.3.

    <agritnon@mitw.org>:
    User and password not set, continuing without authentication.
    <agritnon@mitw.org> 71.87.22.228 failed after I sent the message.
    Remote host said: 554 rejected due to spam content

    <alistair@amcgibbon.wanadoo.co.uk>:
    User and password not set, continuing without authentication.
    <alistair@amcgibbon.wanadoo.co.uk> 193.252.22.141 failed after I sent the message.
    Remote host said: 550 5.2.0 Mail rejete. Mail rejected. ouk_506 [506]

    <aaron.m.hubermank@jpmchase.com>:
    User and password not set, continuing without authentication.
    216.82.254.196 does not like recipient.
    Remote host said: 550-Invalid recipient <aaron.m.hubermank@jpmchase.com>
    550 (#5.1.1)
    Giving up on 216.82.254.196.

    --- Below this line is a copy of the message.

    Return-Path: <info@domainane.com>
    Received: (qmail 15553 invoked by uid 7806); 12 Aug 2014 04:07:54 -0000
    To: temenane@gmail.com
    Subject: Your membership at www.domainane.com has been changed
    Date: Tue, 12 Aug 2014 04:07:54 +0000
    From: "www.domainane.com" <info@domainane.com>
    Message-ID: <5aada007cb74d61d1e4a0a1e91ce317a@##str_replacement_3##>
    X-Priority: 3
    X-Mailer: PHPMailer 5.2.7 (https://github.com/PHPMailer/PHPMailer/)
    MIME-Version: 1.0
    Content-Type: multipart/alternative;
    boundary="b1_5aada007cb74d61d1e4a0a1e91ce317a"
    Content-Transfer-Encoding: 8bit

    --b1_5aada007cb74d61d1e4a0a1e91ce317a
    Content-Type: text/plain; charset=UTF-8
    Content-Transfer-Encoding: 8bit


    system wordpressnya cm ngirim ketemen saya doank tp kenapa headernya byk gitu ...
     
Loading...
Thread Status:
Not open for further replies.

Share This Page

Loading...