dnelson

Members
  • Content count

    5
  • Joined

  • Last visited

Community Reputation

0 Neutral

About dnelson

  • Rank
    Newbie
  1. How is that done? I'm considering moving to another vps. I originally had my servers on a box at home and used a dynamic dns service. Worked quite well, but my adsl line is flakey and was getting a new ip too often. And then the dynamic dns server had problems so I thought it would be better with a fixed ip on an external server. But as soon as I did, I got way more break in attempts and spam problems.
  2. Again, thanks to everyone for your suggestions, they have been helpful. I think that the traffic through one of the routers associated with the vps is being monitored. From that it would be obvious I have a mail server and maybe less obvious that it is being accessed via webmail. There is probably some automated process looking at the ip addresses accessing the webmail server and matching the spam sent to the mail server according to ip address location. As suggested, I did a traceroute and then did a search on the last hop (west-datacenter.net). mywot.com gives it a poor rating. In answer to your question about number of domain names etcetera, there are 3 domains each with one email address. Two of the domains are getting spam inviting me to take up their job offer. When we were in Europe we were all accessing our webmail via the same iPad. Now that I'm back home I'm using my Ubuntu box and my wife is using her Windows box. Both started to get Australian targeted email as soon as we got back. I can't see how it could be the computers accessing webmail that are compromised. My daughter seems to have been lucky enough not to be targeted. As for the mail server itself, I think I've set it up fairly tightly. It's a Postfix server and has active anti-spam measures such connection and header checks as well as blocklisting. It only accepts mail for actual users. Any pop connections (Dovecot) are via pop3s.
  3. Thanks for you suggestions. I tend to think it is something to do with the second in the list. I can't see how the server would have been compromised, I'm very careful about access to it, plus I monitor the logs pretty regularly. Where are you in WA? I'm in East Vic Park in Perth
  4. The question is how do they get the ip address? The server is a Debian box that only I have access to.
  5. I run a very small mail server with a couple of different domains for my family and myself. It's hosted on a VPS located somewhere in America. I'm located in Australia and I've been getting multiple spam about jobs in Australia. I was in Europe for 10 days and I was getting similar spam, but this time for jobs in Europe. Got back home yesterday and now I'm getting spam for jobs in Australia again. I have no idea how the spammer would know my location. The server hasn't changed. It's a VPS Debian box running Postfix, and it's not in Australia or Europe. I am the only person with access to it. I use Roundcube, running under Apache, as a webmail server, on the same Debian VPS. So when I was in Europe access to webmail was, obviously, from Europe. But I don't know how a spammer would get this information unless they were monitoring packets going to and from my server, and getting location from the ip address. Is this possible? Wouldn't the spammer would have to have access to a router somewhere near my server to do so? I'm very security conscious and don't believe that my server has been compromised.