Your account has been disabled for spam. It appears that you were
sending spam messages from your christine3344 user and causing problems
on the server. We are very much against spam and threatening emails.
When you are disabled for spam you can submit your counter and we will
send this to our abuse team for processing.
Well the user is my sister and she wont do anything , but why it says I spammed? i didnt ? anyone know what happened?
Reading between the lines - did “your sister” send a large number of emails that could be interpreted as “threats,” or a large number of emails of any kind to 1 or more people who did not appreciate receiving them?
One explanatiopn could be that a script runnng as your sister’s user was compromised and exploited by a spammer. If your sister was not “spamming”, this sounds particularly possible, given that they said there was spamming and "causing server problems.
I suggest you carefully review your logs and stats for indications of what happened, and contact DH support with what you have learned.
If it was a rogue script, once you identify and remove it they may be willing to reconsider.
script that contains spam?..hmm , my sis installed a file hosting script in one of my website , it’s like rapid share , but it has like 10 programs in the site only , i don’t think that’s counted a spam
You misunderstood what I was saying in my post. I was trying to explain that a script that was running as your sisters user might have been exploited by a *spammer" (or "cracker, script kiddie, etc), due to a programming error, back-door, etc., to send the spam as her user - not the “script contains spam”. The “script” would not be “counted as spam”, but may have been used by another to send the spam.
This is a relatively common occurrence when “3rd party” scripts are run by those that did not program them to be secure, or do not necessarily understand every weakness or vulnerability in a script they obtained elsewhere.
As the account is suspended, we can’t help you evaluate that by visiting the url in question (it’s no longer reachable because of the suspension), but if you shared the name of the script, the version number, and where the script can be obtained, it may be possible to see if any security advisories or common exploits have been reported for that script.
Again, the beginning of the search for what happened is an carefully examination of your logs and statistics.
No one here can answer that question for you (we are just customers like yourself). From what I have seen, it is not likely to be “unban/unfroze” until or unless you can convince Dreamhost that the spam was unintentional, and that you have identified and removed the circumstance that allowed it to be sent.
Writing Dreamhost without that response is very likely to be unproductive. If you need help in determining what happened, there are those of us here who are willing to help - but you have to do the research/provide the information.
If you want help here, tell us what script(s) your sister was running, and inspect your logs and stats for suspicious or heavy actvity - that is where you start.
Simply saying “all she runs is a file sharing script” and “we didn’t spam” is not likely to get your account unfrozen.
That might be true, but it might not, as I have seen past reports where the serving of files were blocked (using permissions or .htaccess files owned by Dreamhost) but the account is still accessible by ftp.
Certainly, if he cannot access his logs/stats, it will be difficult to tell what happened, and, if he really does not know what occurred, I think he should “counter” to Dreamhost saying that and asking for access to his logs and stats so he can investigate further.
He can certainly research the possible vulnerabilities of the “file sharing” script his “sister” installed in his account, and at least that is a start, eh?
You still need to tell us more if you want advice:
What script was your sister using?
Can you FTP to your account and look at the logs?
Otherwise, we can’t help and you’ll have to work with DreamHost Support to work this all out. They are helpful, but they don’t have the time to troubleshoot your website to find out where the problem is.
I’m also wondering if it might not even be site related, but due to the possibility that his sister’s home computer was compromised and it’s purely an SMTP spam run. DreamHost’s mail isn’t clear to me about the method of the problem.