"massive spam" issue

kellogs

New member
Hi,

last year I had a problem - I could not answer y customers via email. Some error was being spat out by mail server.

contacted support, answer: "massive spam", restriction applied.

What happened there ?

- other shared host customers of the web hosting firm did it ?
- web hosting guy mangled his logs and found me guilty ?
- do i somehow bear the blame ? How ?

I would like to add that it has not happened again ever since, nobody has access to my PC but myself, got strong password, I was unable to find any sign of this "massive spam" through the limited shared hosting cPanel.

Please advice
Thanks!
 
Hi,

last year I had a problem - I could not answer y customers via email. Some error was being spat out by mail server.

contacted support, answer: "massive spam", restriction applied.

What happened there ?

- other shared host customers of the web hosting firm did it ?
- web hosting guy mangled his logs and found me guilty ?
- do i somehow bear the blame ? How ?

I would like to add that it has not happened again ever since, nobody has access to my PC but myself, got strong password, I was unable to find any sign of this "massive spam" through the limited shared hosting cPanel.

Please advice
Thanks!
If you send out regular emails to clients (offers/service updates) etc. and you have not had them agree to such emails all it takes is them to report the emails as spam and you can get restricted by your host especially if you have a reseller account as the spam reports will affect everyone sharing the servers IP address
 
No reseller account, I am the final user.

>I was unable to find any sign of this "massive spam" through the limited shared hosting cPanel.

meaning I did not do any such thing. Unless an average of two emails a day qualifies.

Thanks
 
Hi,

last year I had a problem - I could not answer y customers via email. Some error was being spat out by mail server.

contacted support, answer: "massive spam", restriction applied.

What happened there ?

- other shared host customers of the web hosting firm did it ?
- web hosting guy mangled his logs and found me guilty ?
- do i somehow bear the blame ? How ?

I would like to add that it has not happened again ever since, nobody has access to my PC but myself, got strong password, I was unable to find any sign of this "massive spam" through the limited shared hosting cPanel.

Please advice
Thanks!
It is possible that other shared host customers were responsible for the spam, causing the restriction to be applied to all users on the server.
The web hosting firm may have monitored server activity and singled out your account based on the volume of suspicious email traffic.
While you may not be directly responsible for the spam, the hosting firm likely implemented a blanket restriction to prevent further issues.
 
I guess the web hoster can differentiate between traffic from me and traffic from others on the shared server. Since my password is long, strong, and my moneys have not been touched for an year (same password everywhere), i am pretty certain I did not get hacked that way.

So it is either my fault somehow (how, what can I do ? I would not like that episode to repeat) or it is the web hoster's fault, in which case I would better start looking for another one.

Thanks again
 
Ask your host for a sample of the spam message. Find out if the spam was being triggered by a file in the site, or via an actual POP/IMAP connection. Most times it's going to be a file.

The server logs can tell exactly what file triggered the email, so ask your host for help. They should be wanting to help and avoid spam through their network and getting their IP blacklisted.
 
Hi, I would suggest to contact your web hosting provider, and ask for the details. In shared hosting, other users behaviour can affect another one. Also, each web host is different and has different types of spam policies to control it.
 
Ask your host for a sample of the spam message. Find out if the spam was being triggered by a file in the site, or via an actual POP/IMAP connection. Most times it's going to be a file.

The server logs can tell exactly what file triggered the email, so ask your host for help. They should be wanting to help and avoid spam through their network and getting their IP blacklisted.

Like, a plugin vulnerability got exploited ? Could very well be. I have inquired about a sample without reply from support. Oh well, perhaps I should switch to a VPS instead of shared.

Thank you
 
Like, a plugin vulnerability got exploited ? Could very well be. I have inquired about a sample without reply from support. Oh well, perhaps I should switch to a VPS instead of shared.

Thank you
Yes, it could be a plugin vulnerability, or someone used a vulnerability to upload a script to your site. If you don't have WordFence installed, do that, it can run a scan in your site and help find any files that might look out of place. There are other tasks, too, but any time we deal with clients and hacked sites, that's the first thing we start with if they have WordPress.

Be careful when swapping to a VPS, as depending on the level of VPS you get, you may need to perform all the various security and admin tasks, too. Of course, having the VPS will give you direct access to the log files and allow you to better troubleshoot the hunt for the culprit.

Hopefully, the host will respond soon, as having a secure server is in their interest!
 
Back
Top