1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

PLESK 8.1.0 & QMail .. the OpenRelay Disaster

Discussion in 'Plesk for Linux - 8.x and Older' started by semthetic, Feb 28, 2007.

  1. semthetic

    semthetic Guest

    0
     
    Well, it is really the way uncool to egt waked up at 6 pm in the morning by your boss calling that one of our machines is sending massspam over nigth. Exactly this is what happned to me today and well yes it did not made me to have a lucky daystart.

    I read a bit up on the net and as it seems the QMail going wild and becoming a OpenRelay problem seems to be not as uncommon as I thougth. After some checkups with Plesk I found out I can sqithc of relaying in the Plesk Backend but if I set it on with Auth options, these are ignore completly.

    None of the solutions suggested in the common internet forums helped for me yet, most of them refered to xinet.d which I don't have. The machine I am refering to is a Debian Sarge box with Plesk 8.1.0 installed.

    I hope I can find someone here to enligthen me with a solution for my problem.

    The server is holding 50+ Customers and I can't even switch the qmail of without getting threwn to death with anoyed customers calling so ... I have no idea what is better, beeing spamlisted or beeing stoned by customers.
    If you need any information I will happly provide you with it.

    Thanks.
     
  2. semthetic

    semthetic Guest

    0
     
    Nobody has any idea for me? I am still sitting in office and don't know any further...
     
  3. nullsystems

    nullsystems Guest

    0
     
  4. nibb@

    nibb@ Guest

    0
     
    I dont know if my problem is related or now, but just 2 weeks ago my datacenter said i was spamming, i logged into my plesk 8.01 and yes the box was spamming. I show down the qmail for 6 hours until it stopped, until now i could not find how the spammer did it. I looked every where, and the box is not cracked at all, someohow he used my server, i guess this was the same issue then. Glad that i found out now how he did it.
     
  5. RS_Jelle

    RS_Jelle Basic Pleskian

    23
    23%
    Joined:
    Apr 1, 2005
    Messages:
    46
    Likes Received:
    0
    Maybe there's an unsafe mail form on one of the sites on the box?
     
  6. theone

    theone Guest

    0
     
    PHP has a history of not being able to track which users are sending out mail through the PHP mail function from the nobody user causing leaks in formmail scripts and malicious users to spam from your server without you knowing who or where. Please PM me for a link to a script to see who is doing it :) It works on the servers I have tested on it is actually not an issue caused by the control panel but php this answer is based on what information you have provided in this thread.

    Thanks
     
Loading...