• The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

MailEnable locate Spammer

christiano1203

Basic Pleskian
Hi there,

i have a big problem. My System is a Windows Server 2012 r2 with Plesk 12.

On this system i have installed MailEnable as my Mailserver.

So at the moment something is spam on this server, but i can't find out who is it.

Received: from win02.XXXXXX([MY IP] helo=WIN02.home)
(envelope-from <root@XXXXXXXX>)
id 1XlyHP-00038b-R0
for x; Wed, 05 Nov 2014 11:57:37 +0100
Received: from win02 ([127.0.0.1]) by home with MailEnable ESMTP; Wed, 5 Nov 2014 12:48:49
+0100
Date: Wed, 05 Nov 2014 11:48:49 +0000
Subject: UW PRICING AND AVAILABILITY
To: x
From: MARK <[email protected]>
Reply-To: [email protected]
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 8bit
X-Spam-Score: 4.3 (++++)
X-SpamScore: 4.3
X-MailHub-Apparently-To: x
X-MailHub-Forwarded: Yes

Hello Sales,
We are looking to purchase units of the below and would like to have a unit
pricing(educational/government institution)on each you can supply or source for:
ITEMs:
* Enerpac Hand Pump P 392
* Enerpac Hand Pump P 2282
Please note payment for this order is 30 Days Net Term.
Looking forward to read back from you with pricing and availability.
Thank You,
Mark Conley(Purchasing Director)
University of Washington-Extension
3917 University Way NE
Seattle, WA 98105-1120
Ph Num (206)691-8220
Fax Num(206)629-6290
Message-ID: <9C7D2EF931024C00B510486DF596A0A8.MAI@home>

The header is meaning that the spams come from root@, but there is no account with the name root@...

What can I do ? On linux it is so easy to find the spam with qmail or postfix. Why mailenable it is so difficult :(
 
Hello,

You can check the mail enable logs, for more info. If mails are there in queue you can open it and read the headers. In mail enable smtp logs search for recipient address it will give you more info.
 
Back
Top