Spam problems!

Discussion in 'General' started by mek, Feb 19, 2013.

  1. mek

    mek New Member

    Hello, i have problem with spam on one domain, how can i disable this spaming from domain to others??? I have ispconfig 3 with postfix, spam filters are not working also i tried with restrictions files in postfix cf....

    So for now i dont have mx records for this domain but the messages are still comming on mail queue!

    Please can somebody help me!!!

  2. mek

    mek New Member

    OK i did now blacklists on postfix for that domain now i wait......!!!
  3. mek

    mek New Member

    The results are the same i did postqueue -f and that is the result....

    -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
    5268EC6196 1530 Tue Feb 19 14:22:04
    (host[] refused to talk to me: 421 4.7.1 : (DNS:NR)

    -- 2 Kbytes in 1 Request.
    root@ns1:~# postqueue -p
    -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
    46CADC6199* 1505 Tue Feb 19 14:24:47

    4513DC6194* 929 Tue Feb 19 14:24:48

    5268EC6196 1530 Tue Feb 19 14:22:04
    (host[] refused to talk to me: 421 4.7.1 : (DNS:NR)

    510B5C6192 1499 Tue Feb 19 14:24:44
    (host[] said: 421-4.7.0 [ 4] Our system has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 blocked. Please visit 421 4.7.0 to review our Bulk Email Senders Guidelines. t10si24055000pay.99 - gsmtp (in reply to end of DATA command))

    I dont have this email accounts on my server just domain?
    Can someone help me?
    Last edited: Feb 19, 2013
  4. mek

    mek New Member

    I have a question how can somebody sent a mail from my domain that is not a email user???

    Please i need answers?????
  5. falko

    falko Super Moderator ISPConfig Developer

    A weakness of the smtp protocol - you can fake sender addresses. You can use whatever sender address you like.
  6. mek

    mek New Member

    OK i know that now!

    So i decided that i hardened the postfix and i close up 25 port, so for now is this a step one! Also i have found a script on my server that has sendind email from my domain called pp1.php. I have closed up my ports and the messages are still comming to my queue so i found the script that was uploaded on my server via joomla.

    Thanks i solved for now the problem it was not the postfix but joomla injection!!!


Share This Page