homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque

Webmaster General Forum

Spam Is Being Sent From My Server!
What to do?

5+ Year Member

Msg#: 11410 posted 2:28 am on Apr 4, 2006 (gmt 0)

Hi everybody.

I keep recieving "Delivery Status Notification (Failure)" messages every 10 minutes in my inbox. The content of the messages being sent from my servers is clearly spam. I have not sent any messages, nor given permission for anyone else to do so. I think someone has exploited some web application on my site and is using to send mass spam emails. The delivery notification failures I am getting is because some of the emails that are being sent are being rejected, and I am getting them.

I am running PHPlist, PHPadsnew, and phpBB. I have changed all my passwords. I have removed PHPlist because I was not using it. I just updated PHPadsnew to the latest version, and phpBB is up-to-date as well. I'll wait it out and see if I get anything more.

Is it possible that someone is using a script on my site to send mass spam emails? Or could it be my host's fault (because the site is hosted on shared hosting)?

I have sent and email out to my host as well notifying them of the problem, so they don't blame me for the spam. Yikes!

Is there anything else I should do? Anything I'm forgetting? Thanks.



10+ Year Member

Msg#: 11410 posted 3:17 am on Apr 4, 2006 (gmt 0)


It sounds like a nasty variant of the Joe Job.

Below is a link to some helpful advice.


WebmasterWorld Senior Member jomaxx us a WebmasterWorld Top Contributor of All Time 10+ Year Member

Msg#: 11410 posted 3:33 am on Apr 4, 2006 (gmt 0)

Check the headers on the emails to make sure they're really coming from your server. Sometimes spammers just forge your email address as the originator and you get all the bounces.

Unfortunately not all bounces show the original headers.

P.S. the "Joe Job" sounds like basically the same thing, but in my experience spammers pick your address more or less at random. I got hit by this bad a couple of years ago, but it ended after a couple of weeks.


5+ Year Member

Msg#: 11410 posted 4:09 am on Apr 4, 2006 (gmt 0)


This makes more sense. But, after reading that artice I feel so helpless against the attacker.

But, one thing to note is: Since I changed my passwords and updated phpAdsNew, no more bounced emails. Coincedence? I'll keep you posted.


5+ Year Member

Msg#: 11410 posted 12:02 am on Apr 5, 2006 (gmt 0)

Well, after a thorough investigation, I have concluded that it was, indeed, a Joe Job. However, I can't explain why the bounced emails stopped when I updated phpAdsNew and deleted PHPlist. I guess it was just a coincidence.

Global Options:
 top home search open messages active posts  

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved