WestNIC.net Online CommunityWestNIC.net 24/7 SupportDesk Hosting Tutorials Network Status

Go Back   WestNIC.net Online Community > Support Forums > Email Issues

Reply
 
Thread Tools Display Modes
  #1  
Old 06-24-2009, 01:36
Mike Mike is offline
WestNIC Staff
 
Join Date: Mar 2005
Location: New York
Posts: 140
Exclamation Blacklisted server?

Two of our servers got blacklisted in the past 30 days. One of them blacklisted for the second time due to constant abuse. Most spammers use already compromised accounts. How do they do this?!

1. Customer left old php or cgi scripts (Joomla, wordpress, nuke, phpbb etc).
2. Customer installed addons (hacks) or modules (for Joomla, wordpress etc) and forgot to update it.
3. Password was easy to guess.
4. Username was easy. We noticed that most compromised accounts were created under very easy usernames - for example: "info", "test123", "shop", "school", "website" etc. If we add easy password, we get compromised account. We're going to change all easy usernames and also check password length. If password is less than 10 chars, it will be reset with complicated one.
5. Microsoft Frontpage is insecure. In fact, this project was abandoned few years ago (no releases for Linux) so we're going to remove it completely on all old servers (new servers already built without FP).
6. Username and password being sent via insecure FTP protocols. Please install FTP program with SFTP compatibility then contact us for SFTP server name, ports.
7. Customer was using insecure mail servers (like mail.domain.com) and protocols (25 and 110). Please contact us about secure mail protocols.


What will change:

1. Users will be forced to use SSL channels (for cPanel, webmail logins etc). We had never used self issued SSLs. We use Geotrust SSLs on all servers so it won't cause any issues.
2. Easy usernames will change. We will contact each customer individually via email prior changes.
3. Insecure ports will be dropped (for example 25). It won't interfer with mail communications.
4. Current server firewalls will be replaced, in addition to that, all shared, reseller and semi-dedicated servers will be protected by double firewall - hardware and software.
5. PHP and Apache will be reconfigured. Some functions (not being normally in use) will be dropped.
6. All servers will be audited nightly.
7. Autoresponder will be disabled completely (spam relay).
8. All mail sent to "full mailbox" will be silently discarded (no bounce back error and no mail queue storage). PLEASE check mail usage via cPanel > Mail to avoid mail data loss!


Security updates should be completed by the end of July. If you started to experience any issues (broken script, cannot send/receive etc), please submit support ticket: https://support.westnic.net/index.ph...kets&_a=submit
__________________
Reliable reseller hosting provider since 2002.
Too good. It's true!


http://www.westnic.net
1-800-438-0260
Reply With Quote
  #2  
Old 05-14-2012, 12:00
Fearghal Fearghal is offline
WN Reseller
 
Join Date: May 2012
Posts: 2
Default

I know this is an old post but I would just like to say how happy I am with the server I am currently placed on.

For the first time ever, I've been able to send emails via the server and they have not been flagged as SPAM or junk.

Very impressed!
Reply With Quote
Reply

Tags
security

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 17:04.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
WestNIC.net - US based multidomain web hosting