• Inviting everyone who uses WordPress management tools in Plesk
    The Plesk team is conducting a 60-minute research session that includes an interview and a moderated usability test.
    To participate, please use this link .
    Your experience will help shape product decisions and ensure the tools better support real-world use cases.

autoreport.php compromised

P

Praz

Guest
This is new. Our webmaster's mailbox filled with failure notices from Qmail. When we examined it, it was from domain report and it appears the domain report has been sent a whole host of email address that we can't find anywhere on the system. Further more we can't even find the emails to which the domain report was sent to in the Qmail logs.

There is also a strange bug where if you schedule a weekly Delivery report to a specified email address, it configures a weekly report to all the domains on the server, there by creating about hundred reports that are sent to the specified address.

The script thats invoked by the report delivery system is autoreport.php. However we have no way of reading the file as it's been encoded.

Please can someone help me with this as it's becoming very embarrassing for us!

Many thanks.

Praz.
 
You must log in or register to reply here.

Similar threads

M
Issue PHP Cronjob in Plesk -- Lack of documentation. Lack of structure. Multiple Issues.
Replies
2
Views
508
MHC_1
M
M
Resolved How to deal with sending emails to the same domain when email is hosted elsewhere
Replies
3
Views
576
MHC_1
M
F
Question Question regarding outgoing email limits
Replies
2
Views
514
flex1
F
M
Question System account sending email through smpt relay but no configuration present
Replies
3
Views
3K
maratn
M
S
Issue Issues and confusion with mail forwarding
Replies
1
Views
1K
spiceypork
S
Back
Top