• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue Help with spammer

hardbrasil

hardbrasil

Regular Pleskian
Hello fellas,
could you help me to identify what is going on?

i have one customer that receive a lot of bounce messages saying that "email was not able to be delivered - ".
BUT, the issue is my customer is not sending this email.

i am afraid of someone is sending spam and putting my customer like a "catch all bounce".


here is a copy of an example:

Code: 
This is the mail system at host admin.myhost.com.br.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                   The mail system

<[email protected]>: host mx4.hotmail.com[104.44.194.235] said: 550
    Requested action not taken: mailbox unavailable (in reply to RCPT TO
    command)

<[email protected]> (expanded from <[email protected].>): host
    vip-us-br-mx.terra.com[208.84.244.133] said: 550 5.1.1 5.1.1
    <[email protected]>: Recipient address rejected (in reply to RCPT
    TO command)
Reporting-MTA: dns; admin.myhost.com.br
X-Postfix-Queue-ID: EBFE61E2025
X-Postfix-Sender: rfc822; [email protected]
Arrival-Date: Tue, 17 Jan 2017 17:39:22 -0200 (BRST)

Final-Recipient: rfc822; [email protected]
Original-Recipient: rfc822;[email protected]
Action: failed
Status: 5.0.0
Remote-MTA: dns; mx4.hotmail.com
Diagnostic-Code: smtp; 550 Requested action not taken: mailbox unavailable

Final-Recipient: rfc822; [email protected]
Original-Recipient: rfc822;[email protected].
Action: failed
Status: 5.1.1
Remote-MTA: dns; vip-us-br-mx.terra.com
Diagnostic-Code: smtp; 550 5.1.1 5.1.1 <[email protected]>: Recipient
    address rejected
Return-Path: <[email protected]>
Received: from luiz (unknown [191.181.82.108])
    by admin.myhost.com.br (Postfix) with ESMTPA id EBFE61E2025;
    Tue, 17 Jan 2017 17:39:22 -0200 (BRST)
Message-ID: <4382CC8542EF47D08875DEB6DDD3CCB0@luiz>
From: "Luiz" <[email protected]>
To: <Undisclosed-Recipient:;>
Subject: Fw:    EMMANUEL /  Recanto de Paz...
Date: Tue, 17 Jan 2017 17:38:11 -0200
MIME-Version: 1.0
Content-Type: multipart/mixed;
    boundary="----=_NextPart_000_005B_01D270E8.7959AF50"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
X-PPP-Message-ID: <[email protected]>
X-PPP-Vhost: mycustomer.com.br

second example

Code: 
This is the mail system at host admin.myhost.com.br.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                   The mail system

<[email protected]>: connect to
    gmail.com.br[2607:f8b0:4006:80e::2005]:25: Connection timed out
Reporting-MTA: dns; admin.myhost.com.br
X-Postfix-Queue-ID: DB44A1E1E19
X-Postfix-Sender: rfc822; [email protected]
Arrival-Date: Thu, 12 Jan 2017 17:12:39 -0200 (BRST)

Final-Recipient: rfc822; [email protected]
Original-Recipient: rfc822;[email protected]
Action: failed
Status: 4.4.1
Diagnostic-Code: X-Postfix; connect to
    gmail.com.br[2607:f8b0:4006:80e::2005]:25: Connection timed out
Return-Path: <[email protected]>
Received: from luiz (unknown [191.181.82.108])
    by admin.myhost.com.br (Postfix) with ESMTPA id DB44A1E1E19;
    Thu, 12 Jan 2017 17:12:39 -0200 (BRST)
Message-ID: <D5900C5F29CA4E3395A0F50A6330BFAA@luiz>
From: "Luiz" <[email protected]>
To: <Undisclosed-Recipient:;>
Subject: Fw:    BELGICA / Guia de viagem - Bruxelas
Date: Thu, 12 Jan 2017 17:09:46 -0200
MIME-Version: 1.0
Content-Type: multipart/mixed;
    boundary="----=_NextPart_000_004F_01D26CF6.ACD2B390"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
X-PPP-Message-ID: <[email protected]>
X-PPP-Vhost: mycustomer.com.br
 
Last edited:
I can't also send from my email address no message to Hotmail/Microsoft.

I made an support request but no answer.


Gesendet von meinem D6603 mit Tapatalk
 
Spammers sometimes use a random, but existing email address as sender. This is done for mainly these 2 reasons:

1) the errors don't come back to the server they are abusing, 5000 errors less in the queue are 5000 changes less someone will pick up on a large queue and stop them.
2) spamfilters that test if the sender exist can be tricked by this.

The best thing you can do about this is using a strict spf record. This only works if the receiver checks spf, but hotmail does, so the hotmail server will not accept the spam from the spammers mailserver with your client as sender.

more on spf http://www.openspf.org/SPF_Record_Syntax

hope this helps a bit

regards
Jan
 
You must log in or register to reply here.

Similar threads

A
Issue DKIM and DMARC issue, emails not sending
Replies
4
Views
3K
danami
danami
EnriqueR
Question Incoming mail is stored in Junk folder
Replies
6
Views
898
EnriqueR
EnriqueR
M
Question Hackers are sending tons of mails
Replies
4
Views
1K
MrPleskLearner
M
carlsson
Resolved Outgoing administrator mail not authorized [missing SPF record in sender domain]
Replies
11
Views
4K
rkbonatto
rkbonatto
A
Resolved Unwanted redirects to gmail, when receiving emails
Replies
5
Views
2K
arunda2
A
Back
Top