Troubleshooting spam activity on the Grid


Browse by products and services

  • Applies to: Grid
    • Difficulty: Easy
    • Time Needed: 10
    • Tools Required: Account Center access

Overview

The following contains information and additional guides on how to deal with a website or server that is suspected to be conducting spam-like activity.

You may/may not have already received a bounceback from (mt) Media Temple similar to the following:

This message has been blocked due to spam-like content or characteristics. Spam was seen coming from this account, and possibly other scripts running in it. For help resolving the issue, see https://mediatemple.net/community/products/grid/360019772971/troubleshooting-spam-activity-on-the-grid. Once the spam activity has been resolved, feel free to contact support directly.

orĀ 

Access to this mail system has been blocked for # due to spam activity. Spam was seen coming from this account, and possibly other scripts running in it. For help resolving the issue, see https://mediatemple.net/community/products/grid/360019772971/troubleshooting-spam-activity-on-the-grid. Once the spam activity has been resolved, feel free to contact support directly.


Instructions

Update Passwords

Passwords do have the potential to become compromised, allowing a user/bot to send out spam without your knowledge. To combat this, you may want to update any/all passwords on your server and (mt) Media Temple account (Email users, FTP/SSH users, Account Center login, etc).

Should you require a detailed guide on how to update these accounts, feel free to review the additional article below:

Note:
Should you have multiple email accounts and find it difficult to narrow down suspected users, please contact support directly by opening a support request, starting a chat, or by calling us at 1.310.841.5500, and we will happy to help you investigate further.

Uncovering malware/spam

Unfortunately there can be vulnerabilities that users/bots take advantage of to inject malicious code onto a site (CMS, plugin, theme, file permissions, passwords, etc). Certain types of malicious files/code are able to be used to send out spam-like content. To combat this, it would be necessary to track down any malicious files/code and remove them.

Automated Method

(mt) Media Temple provides paid services like the Security Pack, which can help automatically scan and remove malware:

Manual Method

SSH commands such as Find, Grep, or Stat may also be used to manually search for "keywords" or code which may look malicious:

Once any malicious code/files have been removed, it would be recommended to resolve any vulnerabilities on the site/server to prevent future occurrences. For information on "security tips" that can be utilized, feel free to review the additional article below:

Contacting Support

Once the spam activity has been resolved, feel free to contact support directly by opening a support request, starting a chat, or by calling us at 1.310.841.5500 so that we may assist you further with the investigation and remove any blocks that may be occurring on your email services.

Additional Resources