Search results

Hi Everyone, After switching to Dovecot and installing the Email Security Extension all users who have POP3 accounts are re-downloading all their emails. Is this a common occurrence and does anyone know how to prevent this? Thank you, Jayson

On my sever /var/www/cgi-bin is root:root including subdirectories and files /var/www/html is root:root including subdir and files /var/www/usage is webalizer:root including subdir and files vhosts is the one you probably messed up. /var/www/vhosts is root:root but the subdirectories and files...

Thank you, I was hoping that was the case.

That's why I only asked if the sasl_username could be the alias. If yet, then I'm not going to do any digging past talking to the mail user. (changed customer domain to domain.org) Nov 27 18:27:17 bigserv postfix/smtpd[24475]: A334E90E3B: client=unknown[155.133.82.113], sasl_method=CRAM-MD5...

Hello, Centos 7 postfix Just had a customer have their email hacked and used to send spam. I was surprised to see maillog shows the sasl_username used for sending was the email alias and not the actual user account. Is this by design? Or, does it indicate a configuration issue? Thanks,

Hello, I recently upgraded to 12.5 and have enabled Fail2Ban. I'm getting complaints that it keeps blocking a customer trying to use his configured Web_User account. I'd rather not whitelist his IP and wanted to check xferlog for reasons for blocking. Under his domain logs the last entry I...

Thanks for that, it's working fine now.

Hello, I have the Plesk Slave DNS Manager extension configured with a bind 9 slave server installed on Centos 6. It seems to work and allows queries from the localhost. Anyone know where I would put the allow-query option for each zone on a slave server? If I set allow-query to any in...

Tools & Settings -> Mail Server Settings -> Whitelist Have you tried here?

I've been using StoreGrid. http://storegrid.vembu.com/online-backup/control-panel-integration.php

Perhaps its a calculation problem rather than actual IMAP traffic. This, POP3/IMAP: 128 GB doesn't really line up with your stats, February: 2,74GB (822MB POP3/IMAP) January:2,00GB (804MB POP3/IMAP) December: 1,44GB (771MB POP3/IMAP) November: 2,19GB (901MB POP3/IMAP) Doesn't this mean for...

If you cat these files A946AC84CAD and look at the header does it say who sent it? If it's a script it may not say who, i.e. from <>, in this case I check the time stamp and compare against the httpd log file for that domain.

I would run mailq and check your queue or in control panel and look for the Queue ID of your message, eg. CE648EC0294. Then check /var/spool/postfix/deferred (if you use postfix) and see who sent it. It could be an email account, or a script being exploited on your server. I recently had a...

With that kind of traffic I would think your maillog would have lots of details. /usr/local/psa/var/log/maillog There's probably a ton entries that could help you find this.. At least in the maillog you can see if its an email account or website script that's been hacked.

Hello, I have Plesk 11.09 on a Centos 6.3 box. Recently to deal with the high spam volumes I turned on greylisting for all domains. After a few complaints I tried to turn it off for select domains. However, it does not seem to matter if I un-select per domain. Home>Tools & Settings> Spam...

I don't know if you would really have to be that careful. Most of my customers use SMTPAuthentication on port 587 and only send through my server, some use webmail. I understand for people who want to use their ISP to send email on their domain, but normally they aren't mobile so adding...

Please let me know if I'm wrong, but isn't this exactly what SPF should be used for? If you have an SPF record for your domain and this remote spammer is not listed as an ip allowed to send your email then it is rejected.

Do you have openssl installed? rpm -q openssl openssl-1.0.0-20.el6_2.5.x86_64 I have in my /usr/lib64 lrwxrwxrwx. 1 root root 15 Jul 22 2012 /usr/lib64/libssl.so.10 -> libssl.so.1.0.0 lrwxrwxrwx. 1 root root 18 Jul 22 2012 /usr/lib64/libcrypto.so.10 -> libcrypto.so.1.0.0 if not...

31.184.244.18 - - [22/Jan/2013:02:03:28 -0800] "POST /.e13d.php HTTP/1.1" 404 433 "-" "-" 31.184.244.18 - - [22/Jan/2013:02:03:30 -0800] "POST /anon_ftp/.e13d.php HTTP/1.1" 404 442 "-" "-" 31.184.244.18 - - [22/Jan/2013:02:03:36 -0800] "POST /.6645.php HTTP/1.1" 404 433 "-" "-" 31.184.244.18...

Found it. .81c8.php