• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

Mail and SPAM Issues...

Z

zeroborg

Basic Pleskian
Hi all,

i experience some problems with qmail.
Someone found a hole in my server (suse 9.3) and sends thousands of spams...
Does anyone has a script in order to find out where is the problem? (web form? other vulnerability?).
At mail-wide preferences on my server at WHITE-LIST the value is: 127.0.0.0/8
Is this safe? After some search about it, i found out that the correct value there is: 127.0.0.1/32 .... Which one is correct?
I have a lot of different domains/clients on my server, and all of them have web forms and i tried to check all of them, and patch them with "eregi" for avoiding injections). Is this correct?
Does anyone has written a script that runs allways on the server and checks for non-logic email sends?
Is there any configuration for qmail to LIMIT the recipients of a mail?

Thank you.

Zeroborg.
 
The quote below is the body of a previous post that I saved just in case I needed it. Sounds like it may be what you are looking for. depending on how many domains you have on your server, it may take a while but it is better than not doing anything. I have not tried it myself so I do not know if it works. You may want to test on a known script before you do all of your domains just to see if it works:

You will need to do it for all your domains

In vhost.conf add this:

<Directory /usr/local/psa/home/vhosts/DOMAIN/httpdocs>
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fXXXX"
</Directory>

Change the path if you are not on FreeBSD.

the XXXX is a unique code - use the domain if you wish thats up to you - but as most spamming is not your own customer i think its best to add this as some random code that means nothing to anyone but yourself

Once that has been done each mail sent by php will have a unique per domain code in the Return-Path: using a tool such as qmHandle to view the mailqueue you can see this return-path and consequently go straight to the hosting account and disable the relevant script
Click to expand...
 
I have a problem where a client has a redirect email ends up in the message queue and stays. It is never delivered. So I have been searching for a solution. As I was searching for the solution, I came upon your post talking about the White List indicating the IP of 127.0.0.0 / 8. As I read through the post you said you found the correct address. Can you tell me where you found this information?

I am new to using Plesk and have had problems galore, but if I can find where the information is maybe I can solve at least one problem and maybe more.

Thank you in advance should you reply to my post.
 
You must log in or register to reply here.

Similar threads

H.W.B
Issue Php mail always spam
Replies
7
Views
1K
ivanes82
I
C
Question Block mail if domain doesn't exist in Plesk
Replies
0
Views
530
checkinindza
C
I
Resolved php_mail issue after deleting and recreating subscription
Replies
4
Views
580
Illyrer
I
E
Question Horde to Roundcube migration
Replies
1
Views
721
AYamshanov
AYamshanov
enerspace
Question Bounce emails end up in spam – DMARC triggered on local deliveries?
Replies
0
Views
456
enerspace
enerspace
Back
Top