1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Prevent sending spam

Discussion in 'Plesk for Linux - 8.x and Older' started by bonjurkes, Jul 6, 2007.

  1. bonjurkes

    bonjurkes Guest


    I got an abuse report for sending spam mails from my server. I have like 45 domains on my server (not all of them are mine) and i really dont know which site is causing it. I guess there must be a security flow at one of their scripts.

    Anyway, the only solution is stopping qmail, checking all mails 1 by 1 and then deleting the spam mails. But if there is much mail like 1000 with spam mails, plesk gets frozen.

    The sender of the spam mails looks like anonymous@hostname, hostname is our main domain so its like anonymous@blabla.com. So i cant find the original sender, i mean from which domain it sent.

    Is there a program that can scan outgoing mails and delete the spam ones by using rules?
  2. atomicturtle

    atomicturtle Golden Pleskian

    Nov 20, 2002
    Likes Received:
    Washington, DC
    Sure, qmail-scanner will scan both incoming and outgoing mail for spam. You can set a threshold on when to delete, or reject messages based on the spam score. Id start by setting that up to contain the damage, and then looking through your logs to figure out where this is coming from. If you capture a message (you can set qmail-scanner to quarantine as well), look at the senders user id in the headers, if its 48 and/or apache, then its through a web app. If its 110 and/or popuser, then its through a compromised email account.
  3. bonjurkes

    bonjurkes Guest


    i installed qmail scanner using atomic's repo, but i guess it messed up something because i can't even send a message from my server to my users.