1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Qmail user null & spam open

Discussion in 'Plesk 9.x for Linux Issues, Fixes, How-To' started by Roberto Nunez, Apr 16, 2010.

  1. Roberto Nunez

    Roberto Nunez Basic Pleskian

    20
    57%
    Joined:
    Apr 30, 2009
    Messages:
    42
    Likes Received:
    0
    Location:
    World
    Hello,
    I can detect a lot of spam with Qmail, I have:

    10:07:47 mail relaylock: /var/qmail/bin/relaylock: mail from 208.53.42.33:3140 (not defined)
    10:07:48 mail smtp_auth: SMTP connect from (null)@(null) [208.53.42.33]
    10:07:48 mail smtp_auth: smtp_auth: SMTP user postmaster : logged in from (null)@(null) [208.53.42.33]

    The issue appear for others accounts, How is possible that connect from null???

    Is it a database issue, Qmail, other?

    This issue is a big open door for spammer.

    CentOS 5.4 - Plesk 9.5.1

    Thanks for any suggest.
     
  2. IgorG

    IgorG Forums Analyst Staff Member

    49
    24%
    Joined:
    Oct 27, 2009
    Messages:
    24,557
    Likes Received:
    1,242
    Location:
    Novosibirsk, Russia
    Did you tried to rebuild mailsettings with mchk? Did you checked system with chkrootkit, rkhunter?
     
  3. Roberto Nunez

    Roberto Nunez Basic Pleskian

    20
    57%
    Joined:
    Apr 30, 2009
    Messages:
    42
    Likes Received:
    0
    Location:
    World
    Hi Igor,
    Yes, I tried rkhunter and chkrootkit with goods results. Is normal mail smtp_auth: SMTP connect from (null)@(IP) [208.53.42.33]??

    Thanks!
     
Loading...