18 Sep

Domain example.com has exceeded the max defers and failures per hour

In cPanel 11.32, a new feature is added to limit the ability of exploited or hacked sites to send out spam emails.

If you are receiving an error similar to “Domain example.com has exceeded the max defers and failures per hour (5/5 (100%)) allowed” in an email bounce back, it means that outgoing email from your domain has triggered a rule in the server that will stop any further email from going out of the server. This happens when a domain account sends out emails that either fail or get deferred. cPanel will regularly monitor the emails sent through all email accounts on your domain, and if, over the past hour, more than 100% of the attempted deliveries have failed, outbound email will temporarily be limited.

Let see how cPanel describe about this new feature of cPanel:

The maximum percentage of a domain’s outgoing mail that can consist of failed or deferred messages. Once the domain exceeds this percentage, it is temporarily blocked from sending mail.

This error is derived from an hourly monitoring system from cPanel, where any blocked domains are allowed to send email again at the top of every hour. For example, if you received this error at 2:45pm, the block will release at 3:00pm and the domain will be able to send emails out once more.

To solve the issue immediately for a domain, we have to remove the following file:

/var/cpanel/email_send_limits/max_deferfail_exampledomain.com

and restart the exim service. Please note, this will need to be done by a system admin with root permission to server.

03 Sep

Critical Update for Joomla! Users

If you are a Joomla user, you better start updating your sites now.

Joomla was updated recently! Joomla issued a new minor versions, v2.5.14 and v3.1.5, that patches some very critical security holes, so it is very important you update as soon as possible! We are urging all customers to log in to update their Joomla sites to the latest version to help keep your site secure! They didn’t provide much details, but by the summary is seems serious enough to allow users to bypass upload restrictions:

  • Project: Joomla!
  • Severity: Critical
  • Versions: 2.5.13 and earlier 2.5.x versions. 3.1.4 and earlier 3.x versions.
  • Exploit type: Unauthorised Uploads
  • Reported Date: 2013-June-25
  • Fixed Date: 2013-July-31
  • Description: Inadequate filtering leads to the ability to bypass file type upload restrictions.

More information on Joomla 2.5.14 update here: http://developer.joomla.org/security/news/563-20130801-core-unauthorised-uploads

If you have any questions, feel free to email us at support[at]tetrahostbd[dot]com.