Facebook
TwitterHello,
i have Plesk 9.3.0 installed on a Suse 64bit.
I also have postfix 2.5.1 installed.
Lately, i have 3 incidents of spam THROUGH my server. Below are the logs:
==============
Oct 6 08:55:33 xxxx postfix/qmgr[25982]: 176402016A3A: from=<[email protected]>, size=8438, nrcpt=50 (queue active)
Oct 6 08:55:33 xxxx postfix/qmgr[25982]: 1E6C02016AAA: from=<[email protected]>, size=8438, nrcpt=50 (queue active)
Oct 6 08:55:33 xxxx postfix/qmgr[25982]: E85D12016DA7: from=<[email protected]>, size=8438, nrcpt=50 (queue active)
Oct 6 08:55:33 xxxx postfix/qmgr[25982]: 668F02017603: from=<[email protected]>, size=8438, nrcpt=50 (queue active)
Oct 6 08:55:33 xxxx postfix/qmgr[25982]: B3A012016DA6: from=<[email protected]>, size=8438, nrcpt=50 (queue active)
==============
The strange is that at the log file, there is NO postfix/smtpd BEFORE the postfix/qmgr and becauce of that i can't find how he manage to spam through my server.
I searched for rootkits, none. For any php progs, none.
My relay is closed (smtp through authorization).
Is there a way to find how he manage to spam?
Can i upgrade the postfix without breaking the PLESK?
Please, advice.
Thank you.
Zero.
i have Plesk 9.3.0 installed on a Suse 64bit.
I also have postfix 2.5.1 installed.
Lately, i have 3 incidents of spam THROUGH my server. Below are the logs:
==============
Oct 6 08:55:33 xxxx postfix/qmgr[25982]: 176402016A3A: from=<[email protected]>, size=8438, nrcpt=50 (queue active)
Oct 6 08:55:33 xxxx postfix/qmgr[25982]: 1E6C02016AAA: from=<[email protected]>, size=8438, nrcpt=50 (queue active)
Oct 6 08:55:33 xxxx postfix/qmgr[25982]: E85D12016DA7: from=<[email protected]>, size=8438, nrcpt=50 (queue active)
Oct 6 08:55:33 xxxx postfix/qmgr[25982]: 668F02017603: from=<[email protected]>, size=8438, nrcpt=50 (queue active)
Oct 6 08:55:33 xxxx postfix/qmgr[25982]: B3A012016DA6: from=<[email protected]>, size=8438, nrcpt=50 (queue active)
==============
The strange is that at the log file, there is NO postfix/smtpd BEFORE the postfix/qmgr and becauce of that i can't find how he manage to spam through my server.
I searched for rootkits, none. For any php progs, none.
My relay is closed (smtp through authorization).
Is there a way to find how he manage to spam?
Can i upgrade the postfix without breaking the PLESK?
Please, advice.
Thank you.
Zero.
