Hi all,

I've been running ispconfig v2.2.7 with postfix mail and roundcube webmail for some time now without issues.

the last day or so - looks like someone may have found a hack for my server and has been using my smtp gateway to send spam.

As a resuly - my ISP blocked my IP...

I shutdown my smtp server and then got them to unblock so web pages can work, etc..

my problem now is - can I separately upgrade the postfix smtp server somehow WITHOUT my users loosing any stored mail or user settings ?

also - is there anyway I can upgrade from ispconfig 2.2.7 to later versions that might not be vulnerable without loosing my website and user settings/config ???

what's the best and quickest way for me to move forward on this..

Any help greatly appreciated..

PS: Looks like i'm on Postfix version 2.1.5

my problem now is - can I separately upgrade the postfix smtp server somehow WITHOUT my users loosing any stored mail or user settings ?Yes, if your distribution offers an upgrade package.

also - is there anyway I can upgrade from ispconfig 2.2.7 to later versions that might not be vulnerable without loosing my website and user settings/config ???

Yes, just download 2.2.29 and run
tar xvfz ISPConfig-2.2.29.tar.gz
cd install_ispconfig
./setup

also - is there anyway I can upgrade from ispconfig 2.2.7 to later versions that might not be vulnerable without loosing my website and user settings/config ???

It si not very likely that this has anything to do with ispconfig. But nevertheless you should aleays keep your ispconfig up to date.

In most cases such a spamming problem is caused by a vulnerable cms system or contact form installed on your server.