What are some ways to prevent spam from leaving your servers should a hosting account get compromised?
Have a bunch of clients on a server with cpanel but wondering if there was a way to just prevent a chance if an account was compromised.
-
When I meant compromised I meant, a client signs up or a client account and gets hacked and his account is used for spam.
-
couldn't you setup some type of filter/blacklist terms in exim or spamassassin which would block/stop mail going out if it matched that?
Best Answer
Don't get compromised. Seriously.
Monitor your traffic. You'll understand what's normal and be able to recognize abnormal traffic.
Shut down unnecessary daemons. If the server isn't supposed to send mail, don't run sendmail or postfix.
Restrict SSH access and/or assign SSH a non-standard port (e.g. don't use the default port 22). If you need to use port 22, then augment with a service like DenyHosts to track and stop inbound SSH bot authentication attempts.
Use or enforce strong passwords for yourself and your customers.
Oh, and this: Fighting Spam - What can I do as an: Email Administrator, Domain Owner, or User?