• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Mail and SPAM Issues...

Z

zeroborg

Basic Pleskian
Hi all,

i experience some problems with qmail.
Someone found a hole in my server (suse 9.3) and sends thousands of spams...
Does anyone has a script in order to find out where is the problem? (web form? other vulnerability?).
At mail-wide preferences on my server at WHITE-LIST the value is: 127.0.0.0/8
Is this safe? After some search about it, i found out that the correct value there is: 127.0.0.1/32 .... Which one is correct?
I have a lot of different domains/clients on my server, and all of them have web forms and i tried to check all of them, and patch them with "eregi" for avoiding injections). Is this correct?
Does anyone has written a script that runs allways on the server and checks for non-logic email sends?
Is there any configuration for qmail to LIMIT the recipients of a mail?

Thank you.

Zeroborg.
 
The quote below is the body of a previous post that I saved just in case I needed it. Sounds like it may be what you are looking for. depending on how many domains you have on your server, it may take a while but it is better than not doing anything. I have not tried it myself so I do not know if it works. You may want to test on a known script before you do all of your domains just to see if it works:

You will need to do it for all your domains

In vhost.conf add this:

<Directory /usr/local/psa/home/vhosts/DOMAIN/httpdocs>
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fXXXX"
</Directory>

Change the path if you are not on FreeBSD.

the XXXX is a unique code - use the domain if you wish thats up to you - but as most spamming is not your own customer i think its best to add this as some random code that means nothing to anyone but yourself

Once that has been done each mail sent by php will have a unique per domain code in the Return-Path: using a tool such as qmHandle to view the mailqueue you can see this return-path and consequently go straight to the hosting account and disable the relevant script
Click to expand...
 
I have a problem where a client has a redirect email ends up in the message queue and stays. It is never delivered. So I have been searching for a solution. As I was searching for the solution, I came upon your post talking about the White List indicating the IP of 127.0.0.0 / 8. As I read through the post you said you found the correct address. Can you tell me where you found this information?

I am new to using Plesk and have had problems galore, but if I can find where the information is maybe I can solve at least one problem and maybe more.

Thank you in advance should you reply to my post.
 
You must log in or register to reply here.

Similar threads

datea.services
Question Attempts to exceed outgoing limits: log of mails not sent
Replies
4
Views
539
Peter Debik
P
D
Resolved SUPER WEIRD port issue
2
Replies
21
Views
2K
DenizGelion
D
carlsson
Issue Mail on Plesk, web on other provider, how do I create a correct SSL?
Replies
2
Views
145
carlsson
carlsson
K
Resolved Request body not available using Node.js, Express on Plesk (Cors)
Replies
1
Views
694
Kroptokin
K
S
Question Spam Protection Web Host?
Replies
2
Views
906
ronanmarco
ronanmarco
Back
Top