• The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Q-Mail & SPAM

K

kevincam

Guest
Hey... I've been dealing with a major problem concearning spam being sent from my server. Relaying has always been disabled and the logs don't really give you much information on where the e-mail originated..

I supposed that the spam me be a php scripts or something that someone is using or is being exploited.

the problem is I have over 75 domains in my system.. most of my clients aren't knowledgeable enough to write their own mailing routines....


I figured that since outgoing mail is only enabled for the server.... why not have qmail check to make sure that there is a valid user in the FROM part of the header....

I found a qmail patch called SPAMCONTROL at http://www.fehcom.de/qmail/spamcontrol.html

this patch has a feature called LOCALMFCHECK where it checks the FROM header in the outgoing email and makes sure that the host is a domain that it hosts.... they call it a Reverse Split-Horizon Check....

this qmail patch requires that you build qmail from the source to apply this patch....

my question is does anyone know if you can apply patches and rebuild qmail from its source and it still work with Plesk?

and to the plesk engineers I would kindly ask that you include this patch in the future version of plesk....

and does anyone know another way to stop outgoing spam. I recently purchased spamassassin for plesk and it does not look like spamassassin is even checking outgoing email....

Thank You...
 
to me, this isn't making much sense because you'd have to set up some kind of form/script that allows you to specify where you want the email to go to and the body of the message..

are you sure it's a script being exploited or that your server is bouncing messages being sent to invalid accounts?

if the latter is the case, then there's a "reject" option instead of bouncing.

but then again, i'm only a novice. <shrugs>
 
Originally posted by serial-thrilla
to me, this isn't making much sense because you'd have to set up some kind of form/script that allows you to specify where you want the email to go to and the body of the message..

are you sure it's a script being exploited or that your server is bouncing messages being sent to invalid accounts?

if the latter is the case, then there's a "reject" option instead of bouncing.

but then again, i'm only a novice. <shrugs>
Click to expand...

you kind of missed the point.... I have a server with over 70 clients hosting on it.... I have no idea what they host on my server. its very trivial to sit there and go through every php file that someone uploads..... so my solution would be for the server not to send any mail out unless a domain that is hosted locally is in the header of the e-mail in the FROM field... anyone can modify the header of an e-mail in php code..... so with that kind of patch it would make sure that it is valid... I'd even like to see a valid local user patch...... this would stop spam e-mail from being sent from the server...
 
You can't use custom qmail with PSA. You can however use qmail-scanner, since even localhost sent messages (with php calling qmail's "sendmail") get queued for remote delivery. You can then implement a routine in qmail-scanner that does what you need. A bit of a hack though..
 
Originally posted by superbock
You can't use custom qmail with PSA. You can however use qmail-scanner, since even localhost sent messages (with php calling qmail's "sendmail") get queued for remote delivery. You can then implement a routine in qmail-scanner that does what you need. A bit of a hack though..
Click to expand...

ok is there a special build of qmail-scanner that I need to work with PSA...

and with qmail scanner is it possible to have it look in the HEADER of the E-Mail... not the origin but the Header and compare the FROM field to the rcpthosts file?
 
Use ART's qmail-scanner rpm (http://www.atomicrocketturtle.com).

At some point you'll have the variable $returnpath, and then you can call custom routine.

You can do a lot with qmail-scanner, it strips every e-mail completely.

Beware, any slight mistake might break valid e-mail delivery!! Use non-production server for testing first.

Also, make sure only mail originated from localhost is submitted to that check.. otherwise you can imagine the result..
 
You must log in or register to reply here.

Similar threads

williamplk
Issue Plesk default generate domain set in email header Helo
Replies
12
Views
1K
williamplk
williamplk
F
Question DKIM DNS Record Not Displaying in Plesk Email Settings
Replies
9
Views
838
flippintwit
F
W
Question Mail Server configuration so it does not end up as spam?
Replies
2
Views
679
wyga
W
S
Resolved Incoming mail problem from certain domains only
Replies
2
Views
353
SK01
S
myra_john
Issue Issues with Email Deliverability on Plesk Server
Replies
1
Views
830
tpitserv
T
Back
Top