Problems with hack/spam

Discussion in 'General' started by nygaard91, Jan 25, 2016.

  1. nygaard91

    nygaard91 New Member

    Hello I'm new to the forum and I hope to get some help.
    In the last couple of day I have had some problems with spam being sent from my server.
    I believe the problem it originates from a joomla site or a custom made php site, I know the problem isn't ISPconfig.
    My question is this: Can I blacklist all emails going out of the server which doesn't match any domain name under "Clients"?
    All the mail are being "spoofed" as yahoo, drug sites and gambling sites. I know isn't a viable fix, but I hope it can buy me some time.
    I have played arround with "Email -> Global Filters -> Postfix Blacklist" but without luck.

    Another question... Is it possibale to get an email when the server is overloaded?
    Furthermore... I will happily accept any advice/tips/suggestions.
     
  2. chico11mbit

    chico11mbit Member HowtoForge Supporter

    You can use munin for this. in munin.conf

    Code:
    contacts email
    contact.email.command mail -s "ACHTUNG! MUNIN-Alarm fuer ${var:group} :: ${var:host}" [email protected]
    contact.email.always_send warning critical
    
    # a simple host tree
    [yourdomain.de]
        address 127.0.0.1
        use_node_name yes
        postfix_mailqueue.active.warning 30
        postfix_mailqueue.active.critical 50
        postfix_mailqueue.deferred.warning 15
        postfix_mailqueue.deferred.critical 50
        postfix_mailqueue.incoming.warning 25
        postfix_mailqueue.incoming.critical 35
     
  3. nygaard91

    nygaard91 New Member

    Thank you!! I will have a look at it. Do I make a "host tree" for each domain.
     
  4. chico11mbit

    chico11mbit Member HowtoForge Supporter

    no. that is the name of your server (like server.xyz.de)
     

Share This Page