CSF Firewall RELAY Alert / RELAY, Remote IP
Blacklisted SMTP IP addresses

:

csf RELAY Alert / RELAY, Remote IP
bounce
Undelivered Mail Returned to Sender
<> Trackdelivery
ip

I am getting hundreds of these errors in my inbox everyday.

Time: Thu Feb 19 23:09:28 2015 -0500
Type: RELAY, Remote IP - 111.69.139.68 (US/United States/mx55.h.outbound.createsend.com)
Count: 101 emails relayed
Blocked: No

Sample of the first 10 emails:

2015-02-19 23:02:56 1YOenn-0002bF-RJ <= [email protected] H=mx55.h.outbound.createsend.com [204.75.142.55]:35593 P=esmtp S=50023 id=[email protected] T="Just Car News: Reel Deal Winners, Latest from Mighty Car Mods, ADGP and more" for [email protected]

do anyone knows what is it?
:

This is not outgoing spam being relayed through the VPS. This is incoming spam being received by the VPS which caused LFD to trigger a RELAY alert due to the remote IP address '111.69.139.68' sending to over 100 recipients within an hour's time.

bulk emails


block ip + server name
csf cphulk

+

You can use the Exim Blacklist to refuse all SMTP traffic from an IP
WHM >> Service Configuration >> Exim Configuration Manager
Basic Editor -Access Lists
Blacklisted SMTP IP addresses
(IP addresses from which SMTP connections are dropped unconditionally)



ip


WHM/cPanel SMTP Relay / Open mail relay


:
https://www.knownhost.com/forums/thr...d-states.3349/
https://forum.configserver.com/viewtopic.php?t=1493
https://forum.configserver.com/viewtopic.php?t=8236
https://forums.cpanel.net/threads/di...alerts.612903/
https://forums.cpanel.net/threads/di...alerts.612903/