UKC, Author at UK-Cheapest.co.uk

Which firewall ports need to be open for POP, POPS, IMAP, IMAPS and SMTP?

February 16, 2012

Re: Email port, ports for email, secure email ports

When troubleshooting email and mail server related problems it is wise to first check that all of your email ports are open and not being blocked by your firewall, here you can find the ports you need open for POP, POPS, IMAP, IMAPS and SMTP

Port 25 allows SMTP connections
Port 110 allows POP connections
Port 995 allows POPS connections
Port 143 allows IMAP connections
Port 993 allows IMAPS connections

Ensure these ports are open if you are have problems communicating with your mail server.

How to setup email on your iPhone or iPad

August 10, 2017February 2, 2012

Re: Setup email on iPhone, iPad, iPod or IMAP PC/Mac client

So you have logged in to Plesk and created your mailbox. Now, apart from being able to use RoundCube Webmail straight away, you might want to connect your cool iDevices too. Here’s how to do it…

Try the following for sending/receiving IMAP on your iPhone/iPad or Mac/PC devices:

Incoming Mail Server
Hostname: mail.yourdomain.co.uk
User Name: mailboxname@yourdomain.co.uk
Password: (your password)

A certificate warning may be displayed, please click on Details -> Trust to continue. This will allow you to use your shared hosting server SSL certificate to connect securely to your mail account.

Advanced Incoming Settings
Use SSL: ON
Authentication: Password
IMAP Prefix: INBOX
Server Port: 993
S/MIME: OFF

Outgoing Mail Server (SMTP)
Hostname: mail.yourdomain.co.uk
User Name: mailboxname@yourdomain.co.uk
Password: (your password)
Use SSL: ON
Authentication: Password
Server Port: 587

Obviously replace mailboxname@yourdomain.co.uk with your own actual mail box name and yourdomain.co.uk with your actual domain name. Now you should be able to send and receive without any problems.

How to find an anonymous spammer on a Plesk server

January 6, 2012

Re: Finding Plesk Spammer, Qmail spam source, Anonymous spam

So you’ve done all the basics, looked through the maillogs and you’ve determined the spammer is sending from “anonymous” which means a vulnerable script somewhere on the server. But where? Great, so now let’s delve a little deeper to find the UID of the spammer.

1) Let’s take a look in the mail queue and read one of those spam email references:

# /var/qmail/bin/qmail-qread

remote ankush_krishna2137@yahoo.com
6 Jan 2012 09:14:53 GMT #34012584 2987 <anonymous@server.microlite8.com>

2) Now we have a message ID, let’s search for the actual message:

# find /var/qmail/queue/ -name 34012584

/var/qmail/queue/info/0/34012584
/var/qmail/queue/remote/0/34012584
/var/qmail/queue/mess/0/34012584

3) Great! Now let’s see what’s in the message to get out that all telling UID:

# cat /var/qmail/queue/mess/0/34012584

Received: (qmail 9936 invoked by uid 10820); 6 Jan 2012 09:14:50 +0000
Date: 6 Jan 2012 09:14:50 +0000
Message-ID: <20120106091450.9934.qmail@server.microliteX.com>
To: annette@recdom.wandoo.co.uk
Subject: Urgent Reply
From: Mrs.Farida Waziri <faridawaziri@hotmail.com>

4) Let’s map the UID to a domain name on the Plesk server:

# cat /etc/passwd | grep 10820

admin947932:x:10820:2523::/var/www/vhosts/thisisthespammer.com:/bin/false

5) Spammer caught 😀

Please share this page on Facebook or Google+ if you found this article useful.

How to check if your site is infected with Malware

June 23, 2012January 5, 2012

Is your site infected with Malware?

There is one sure fire way to check if your site is infected with Malware, ask Google!

Go to the following URL and insert your domain name at the end, here is a sample:

http://www.google.com/safebrowsing/diagnostic?site=uk-cheapest.co.uk

You can also scan your website for free at Sucuri.net here:

http://sucuri.net/

Clearing your PC of Malware

To check your PC for malware, use the following free software:

AdAware – http://www.lavasoft.com/
MBAM – http://www.malwarebytes.org/products/malwarebytes_free

This free software will remove all malware and malicious ads, spyware and cookies from your PC and should be run regularly to ensure an optimum browsing experience.

Securing your WordPress application

There are many ways to protect your site from hackers and malware, see here for WordPress:

How to secure your WordPress file and directory structure

How to secure WordPress in 7 easy steps

How to block Yandex using IPTABLES or APF

January 5, 2012

Re: Yandex IP range, Yandex subnets, Block Yandex Robots

Across our server range we are finding that Yandex continues to ignore robots.txt files and crawls some sites constantly, so how do you stop such an abuse of your network resources?

If you use IPTABLES or APF (you should!) then you can block all Yandex spiders using the following IP ranges:

77.88.0.0/18 # yandex.ru
77.88.22.0/23 # yandex.ru
77.88.24.0/21 # yandex.ru
77.88.24.0/22 # yandex.ru
77.88.28.0/22 # yandex.ru
77.88.36.0/23 # yandex.ru
77.88.42.0/23 # yandex.ru
77.88.44.0/24 # yandex.ru
77.88.50.0/23 # yandex.ru
87.250.224.0/19 # yandex.ru
87.250.230.0/23 # yandex.ru
87.250.252.0/22 # yandex.ru
93.158.128.0/18 # yandex.ru
93.158.137.0/24 # yandex.ru
93.158.144.0/21 # yandex.ru
93.158.144.0/23 # yandex.ru
93.158.146.0/23 # yandex.ru
93.158.148.0/22 # yandex.ru
95.108.128.0/17 # yandex.ru
95.108.128.0/24 # yandex.ru
95.108.152.0/22 # yandex.ru
95.108.216.0/23 # yandex.ru
95.108.240.0/21 # yandex.ru
95.108.248.0/23  # yandex.ru
178.154.128.0/17 # yandex.ru
178.154.160.0/22 # yandex.ru
178.154.164.0/23 # yandex.ru
199.36.240.0/22 # yandex.ru
213.180.192.0/19 # yandex.ru
213.180.204.0/24 # yandex.ru
213.180.206.0/23 # yandex.ru
213.180.209.0/24 # yandex.ru
213.180.218.0/23 # yandex.ru
213.180.220.0/23 # yandex.ru

Simply restart APF and Yandex will no longer be a problem (until they extend their network!).