You are invited to Log in or Register a free Frihost Account!

Troubleshooting: "200 emails have been sent yesterday&q

I'm on the site, so I imagine that would be server 4. I've been getting these email notifications from DirectAdmin

A new message or response with subject:

Warning: 201 emails have been sent yesterday

has arrived for you to view.
Follow this link to view it:

Automatically generated email produced by DirectAdmin 1.46.3

Do Not Reply.

I'm unable to log-in to figure out what's going on, and the url for my site results in an "ERR_CONNECTION_TIMED_OUT"

Please help. Thanks.
You're stuck as there is no Admin except Bondings who has access to Frihost Server 4 and only an Admin can solve your problem.

Best guess is that a perpetrator may have got backdoor entrance to your system through a vulnerability in an out of date script, using it as a launch pad to send bulk spam emails from your account. Could be Stealrat infection as that is the most popular one. We've had a bad Stealrat infection twice now on Server 1 since August last year - both times it was due to out of date scripts - in our case Joomla once and WordPress in the other. This is a very serious problem as the Frihost IP that you are hosted on can can potentially get blacklisted if Spamhaus picks up on spam mails being sent from the IP. I checked and the IP is still OK, so maybe your account has been automatically blocked. Which if it had been infected would be a blessing to every one else sharing the same server. Their IP is still OK.

Looks as though the setting in DirectAdmin responsible for blocking the account is at least some form of protection for all of the other accounts on Servers 2/3/4. That's a relief as I always wondered what would happen with that infection if there was no regular Admin around to check when a Website has become infected.

You can read more about Stealrat at the URL below:

And the Direct-Admin symptom you described:

That is why up to date CMS scripts aren't a luxury any longer. But a real necessity. One can't afford to let a WordPress/Joomla/Drupal site sit unattended without updating the scripts for long periods of time as there must be thousands of those Stealrat type bots checking for vulnerabilities all of the time.
How do I notify Bondings of this issue?
bluepig83 wrote:
How do I notify Bondings of this issue?
You can PM him of course. I've e-mailed him.

He'll probably need the user name of the hosting account or domain name or both.

I checked the IPs again and they're OK.
Any news on server4? I've moved on but still visit here and would like to maybe return here since FriHost *still* is a better value than some paid webhosts.
Dean, you seem to be fairly active on this site still, so I hope you can help me up with a followup.

I've still haven't been able to make contact with Bondings, and now when I type the url, the error message says the site cannot be reached.

At this point, I would just like to be able to get into my account to download a backup copy, so I can have an archive of the blog posts I've written since 2012. Even just a copy of the text of the posts would make me happy.
Sorry BluePig but I'm afraid the news is not too good. Server 4 crashed and was cancelled some months ago. Here's a link to the announcement of the crash:

That is unfortunate. But I appreciate your response and the link. That at least gives me some closure. Hope you have a great week!
Related topics
Hackers try to take down U.K. cops
Horde Email Through CPANEL
Question about parked domain...
Horde Email Problem
Frihost server banned by aol mail because it spams?????
Email Forwarding/Accounts Question
Email from Yahoo! and AOL will be CHARGED
linux with xp
Google domain applications issue.
Want to fly to the USA? Hand over all your emails!
preventing spam emails
My email was hacked by someone
Blackberry emails
Email notification - Warning: 350 emails have just been sent
Reply to topic    Frihost Forum Index -> Support and Web Hosting -> Frihost Support

© 2005-2011 Frihost, forums powered by phpBB.