• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

autoreport.php compromised

P

Praz

Guest
This is new. Our webmaster's mailbox filled with failure notices from Qmail. When we examined it, it was from domain report and it appears the domain report has been sent a whole host of email address that we can't find anywhere on the system. Further more we can't even find the emails to which the domain report was sent to in the Qmail logs.

There is also a strange bug where if you schedule a weekly Delivery report to a specified email address, it configures a weekly report to all the domains on the server, there by creating about hundred reports that are sent to the specified address.

The script thats invoked by the report delivery system is autoreport.php. However we have no way of reading the file as it's been encoded.

Please can someone help me with this as it's becoming very embarrassing for us!

Many thanks.

Praz.
 
You must log in or register to reply here.

Similar threads

F
Issue Troubleshooting Email Delivery Issues in Plesk Obsidian on Ubuntu 22.04
Replies
7
Views
1K
FreeRoaming
F
M
Issue Outgoing Mail Control is always 0
Replies
1
Views
658
MarketPC
M
S
Issue Certificate verification failed
Replies
8
Views
2K
FloLa
F
E
Issue Several understanding errors in my postfix
Replies
4
Views
6K
estanis
E
D
Question get spam sent out
Replies
7
Views
2K
Detlef D.
D
Back
Top