HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (
-   General (
-   -   Spam problems! (

mek 19th February 2013 14:58

Spam problems!
Hello, i have problem with spam on one domain, how can i disable this spaming from domain to others??? I have ispconfig 3 with postfix, spam filters are not working also i tried with restrictions files in postfix cf....

So for now i dont have mx records for this domain but the messages are still comming on mail queue!

Please can somebody help me!!!


mek 19th February 2013 15:24

OK i did now blacklists on postfix for that domain now i wait......!!!

mek 19th February 2013 15:28

The results are the same i did postqueue -f and that is the result....

-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
5268EC6196 1530 Tue Feb 19 14:22:04
(host[] refused to talk to me: 421 4.7.1 : (DNS:NR)

-- 2 Kbytes in 1 Request.
root@ns1:~# postqueue -p
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
46CADC6199* 1505 Tue Feb 19 14:24:47

4513DC6194* 929 Tue Feb 19 14:24:48

5268EC6196 1530 Tue Feb 19 14:22:04
(host[] refused to talk to me: 421 4.7.1 : (DNS:NR)

510B5C6192 1499 Tue Feb 19 14:24:44
(host[] said: 421-4.7.0 [ 4] Our system has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 blocked. Please visit 421 4.7.0 to review our Bulk Email Senders Guidelines. t10si24055000pay.99 - gsmtp (in reply to end of DATA command))

I dont have this email accounts on my server just domain?
Can someone help me?

mek 19th February 2013 20:09

I have a question how can somebody sent a mail from my domain that is not a email user???

Please i need answers?????

falko 22nd February 2013 14:21

A weakness of the smtp protocol - you can fake sender addresses. You can use whatever sender address you like.

mek 22nd February 2013 15:06

OK i know that now!
So i decided that i hardened the postfix and i close up 25 port, so for now is this a step one! Also i have found a script on my server that has sendind email from my domain called pp1.php. I have closed up my ports and the messages are still comming to my queue so i found the script that was uploaded on my server via joomla.

Thanks i solved for now the problem it was not the postfix but joomla injection!!!


All times are GMT +2. The time now is 02:24.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.