Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 26th March 2012, 11:18
nokia80 nokia80 is offline
HowtoForge Supporter
 
Join Date: Apr 2009
Posts: 187
Thanks: 30
Thanked 2 Times in 2 Posts
Send a message via Skype™ to nokia80
Default help my server is sending spam

hi all

when i do postqueue -p i see a error list

.... Email addresses removed by admin ....

because this problem mysql fails please any ideas
__________________
You will only see if you get it...
ISPConfig is the future

Last edited by till; 26th March 2012 at 11:50. Reason: Removed long email list
Reply With Quote
Sponsored Links
  #2  
Old 26th March 2012, 11:21
sjau sjau is offline
Local Meanie
 
Join Date: Apr 2006
Location: Switzerland
Posts: 1,146
Thanks: 4
Thanked 55 Times in 51 Posts
Default

you first have to figure out where the spam is being sent from. What does the mail.log say about it?
__________________
"Common sense is not as common as commonly believed" by sjau

Auto-Install Script for ISPConfig and Horde on a Vanilla Debian Stable

Need more Repos for Ubuntu? Repository Generator
Need more Repos for Debian? Debian Repository Generator
Reply With Quote
The Following User Says Thank You to sjau For This Useful Post:
nokia80 (26th March 2012)
  #3  
Old 26th March 2012, 11:42
nokia80 nokia80 is offline
HowtoForge Supporter
 
Join Date: Apr 2009
Posts: 187
Thanks: 30
Thanked 2 Times in 2 Posts
Send a message via Skype™ to nokia80
Default

problem solved thanks to till
__________________
You will only see if you get it...
ISPConfig is the future
Reply With Quote
  #4  
Old 26th March 2012, 11:47
edge edge is offline
Moderator
 
Join Date: Dec 2005
Location: The Netherlands
Posts: 2,034
Thanks: 265
Thanked 151 Times in 131 Posts
Default

Maybe it's a good idea to remove all the email addresses that you posted in your 1st post.
Spam bot's will index them, causing the users to get even more spam!
__________________
Never execute code written on a Friday or a Monday.
Reply With Quote
The Following User Says Thank You to edge For This Useful Post:
nokia80 (26th March 2012)
  #5  
Old 20th July 2012, 11:30
vaio vaio is offline
Member
 
Join Date: Nov 2010
Posts: 48
Thanks: 21
Thanked 1 Time in 1 Post
Default

Hello,
how did you solve it?

I got spam sended from my server today... Please help me.
Thanks,
V.
Reply With Quote
  #6  
Old 20th July 2012, 12:13
pititis pititis is offline
Senior Member
 
Join Date: Dec 2010
Location: München
Posts: 364
Thanks: 39
Thanked 90 Times in 68 Posts
Default

First step is to know the source of your problem. Can you give us more details or mail log?
Reply With Quote
The Following User Says Thank You to pititis For This Useful Post:
vaio (20th July 2012)
  #7  
Old 20th July 2012, 13:20
vaio vaio is offline
Member
 
Join Date: Nov 2010
Posts: 48
Thanks: 21
Thanked 1 Time in 1 Post
Default

Hello pititis,
it looks like this:


Code:
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
5D40D42AA19* 4331 Fri Jul 20 02:24:11 marketing@somemail.tld
(lost connection with mg.atlantech.tld[209.183.192.125] while receiving the initial server greeting)
cjdouglass@xx.tld
(connect to xxx.tld[203.92.211.31]:25: Connection timed out)
cosmos@xx.tld
craft@xx.tld
(connect to athena.athenet.tld[209.103.196.19]:25: Connection timed out)
cmuller@xx.athenet.tld
creative@athena.xx.tld
deanna.xxx@ast.lmco.tld

7953842A607* 4428 Wed Jul 18 15:30:33 marketing@somemail.tld
(connect to flash.laxxxxeheadu.ca[xx.xx.xx.xxx]:25: Connection refused)
dly@flash.xx.ca
(connect to fn1.freenet.xxxx.ab.ca[216.xxx.xx.xxx]:25: Connection timed out)
karpo@fn1.freenet.xxxxx.ab.ca
xx@xxxx.tld


7953842A607* 4428 Wed Jul 18 15:30:33 marketing@somemail.tld
(connect to flash.lakeheadu.ca[65.39.15.21]:25: Connection refused)
dly@flash.lakeheadu.ca
(connect to fn1.freenet.edmonton.ab.ca[216.xxx.xxx.xx]:25: Connection timed out)
karpo@fn1.freenet.xx.ab.ca
rthommen@xx.net

24CFB42AA0F* 3029 Fri Jul 20 11:28:45 marketing@somemail.tld
(host mx.xx.ca[24.xxx.xxx.37] refused to talk to me: 452 try later)
genesismarketing@xxxx.xx
xxxxx@videotron.xx
(connect to mx3.wellsfargo.tld[151.151.26.152]:25: Connection refused)
george.bloomfield@wachoviasec.tld
(host mxb-000c7201.gslb.xx.tld[xxx.xxx.xxx.xx] refused to talk to me: 554 Blocked - see https://support.proofpoint.tld/dnsbl-lookup.cgi?ip=192.168.0.1)
Gerard.xx@wal-xxxx.tld
georgina.xx@xxxx-xxxx.tld
NOTE: i have masked or deformed addresses and IP's.


It sends from email address i have first disabled, but than completly deleted...

Any suggestions?
THANKS
Reply With Quote
  #8  
Old 20th July 2012, 15:53
sjau sjau is offline
Local Meanie
 
Join Date: Apr 2006
Location: Switzerland
Posts: 1,146
Thanks: 4
Thanked 55 Times in 51 Posts
Default

you have to find out from which account it is being sent
__________________
"Common sense is not as common as commonly believed" by sjau

Auto-Install Script for ISPConfig and Horde on a Vanilla Debian Stable

Need more Repos for Ubuntu? Repository Generator
Need more Repos for Debian? Debian Repository Generator
Reply With Quote
  #9  
Old 20th July 2012, 16:02
vaio vaio is offline
Member
 
Join Date: Nov 2010
Posts: 48
Thanks: 21
Thanked 1 Time in 1 Post
Default

Hello friend,
it is always being sent from one account - one email, for example marketing@xxxxx.tld, but i have online and manually checked this xxxxx.tld website and doesn't seem to be leaking...

Is it possible to find out some other way?
Thanks for efforts!!
Reply With Quote
  #10  
Old 20th July 2012, 16:08
sjau sjau is offline
Local Meanie
 
Join Date: Apr 2006
Location: Switzerland
Posts: 1,146
Thanks: 4
Thanked 55 Times in 51 Posts
 
Default

well, one can put any sender into.... so are you sure it's being sent from that account? You could also alter PHP in such a way that it logs when the php mail() is being used and store from where it was used...
__________________
"Common sense is not as common as commonly believed" by sjau

Auto-Install Script for ISPConfig and Horde on a Vanilla Debian Stable

Need more Repos for Ubuntu? Repository Generator
Need more Repos for Debian? Debian Repository Generator
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig 3.0.3.3 fresh instalation - email tab is empty artur_gib Installation/Configuration 14 28th January 2014 19:02
User unknown in relay recipient table Taxick Installation/Configuration 12 9th April 2013 12:31
ISPConfig 3 Installation - Postfix queue stuck andrew971218 Installation/Configuration 21 15th July 2011 14:42
Statistic not working mzo Installation/Configuration 49 20th April 2011 12:19
Sending mail ISPConfig 3 but not receivind catza Installation/Configuration 20 19th May 2010 12:47


All times are GMT +2. The time now is 10:16.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.