Question Send spam from localhost

Creativados

Basic Pleskian
Sorry for my English.

My server runs Debian 7. For a few days my server has been sending spam from a nonexistent account. About every few minutes it connects from localhost, sends five or six emails and disconnects.

I blocked the sender in Postfix, but it keeps trying to send emails.
 

Hi Creativados,

first, pls. have a look at:


Second, if you can't eliminate the script, pls. consider switching off sendmail usage on your server until you are able to eliminate the script on your server.

Third, pls. post your corresponding postfix - configuration, so that people willing to help you have the chance to investigate possible misconfigurations together with you.
 
Thanks.

No PHP script executes the Postfix sender.

My Postfix config is:


# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/postfix_default.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = XXXXXXX
alias_maps = hash:/etc/aliases, hash:/var/spool/postfix/plesk/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost.XXXXXX, localhost
relayhost =
mynetworks = , 127.0.0.0/8, [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains
virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual
virtual_mailbox_maps = , hash:/var/spool/postfix/plesk/vmailbox
transport_maps = , hash:/var/spool/postfix/plesk/transport
smtpd_tls_security_level = may
smtp_tls_security_level = may
smtp_use_tls = no
smtpd_timeout = 3600s
smtpd_proxy_timeout = 3600s
disable_vrfy_command = yes
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_rbl_client dnsbl.example.net, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org
smtp_send_xforward_command = yes
smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_access, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
virtual_mailbox_base = /var/qmail/mailnames
virtual_uid_maps = static:30
virtual_gid_maps = static:31
smtpd_milters = inet:127.0.0.1:12768 inet:127.0.0.1:12345
sender_dependent_default_transport_maps = hash:/var/spool/postfix/plesk/sdd_transport_maps
virtual_transport = plesk_virtual
plesk_virtual_destination_recipient_limit = 1
mailman_destination_recipient_limit = 1
virtual_mailbox_limit = 0
smtpd_tls_protocols = TLSv1 TLSv1.1 TLSv1.2
smtpd_tls_ciphers = medium
smtpd_tls_exclude_ciphers = aNULL
smtpd_sasl_security_options = noanonymous
smtpd_tls_auth_only = no
smtpd_tls_mandatory_protocols = TLSv1 TLSv1.1 TLSv1.2
message_size_limit = 26214400
smtpd_tls_mandatory_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
smtpd_tls_dh1024_param_file = /usr/local/psa/etc/dhkey.pem
non_smtpd_milters =
smtpd_tls_mandatory_ciphers = medium
tls_medium_cipherlist = HIGH:!aNULL:!MD5
milter_connect_macros = j {daemon_name} {client_connections} {client_addr} {client_ptr} v
milter_default_action = accept
 
Hi Creativados,

it is highly recommended to use:
Code:
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = noanonymous
... and pls. don't forget to use Fail2Ban, to be able to ban scripts/bots/... on your server.
 
Thanks, I added these options. I use Fail2Ban, but the connection is from localhost, so it does not ban this IP.
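
Because the client is 127.0.0.1, which the posted config trusts through mynetworks and permit_mynetworks, the next step is to find out how the messages enter Postfix. The following is an added example, not code from the thread or from Plesk: it correlates queue IDs in the mail log to separate unauthenticated loopback SMTP submissions from sendmail (pickup) submissions and groups them by envelope sender. The log lines, queue IDs and addresses are constructed in standard Postfix syslog format.

```python
import re
from collections import Counter

# Constructed sample in Postfix syslog format; hosts, queue IDs and addresses are made up.
SAMPLE_LOG = """\
Oct 11 10:00:01 host postfix/smtpd[2101]: connect from localhost[127.0.0.1]
Oct 11 10:00:01 host postfix/smtpd[2101]: 3A1B2C4D5E: client=localhost[127.0.0.1]
Oct 11 10:00:01 host postfix/qmgr[900]: 3A1B2C4D5E: from=<ghost@example.test>, size=2100, nrcpt=1 (queue active)
Oct 11 10:00:02 host postfix/smtpd[2101]: 4F6A7B8C9D: client=localhost[127.0.0.1]
Oct 11 10:00:02 host postfix/qmgr[900]: 4F6A7B8C9D: from=<ghost@example.test>, size=2090, nrcpt=1 (queue active)
Oct 11 10:00:03 host postfix/smtpd[2101]: disconnect from localhost[127.0.0.1]
Oct 11 10:02:10 host postfix/pickup[880]: 5E0D1C2B3A: uid=33 from=<www-data>
Oct 11 10:02:10 host postfix/qmgr[900]: 5E0D1C2B3A: from=<www-data@example.test>, size=700, nrcpt=1 (queue active)
Oct 11 10:03:00 host postfix/smtpd[2200]: 6B7C8D9E0F: client=mail.example.org[203.0.113.7], sasl_method=PLAIN, sasl_username=user@example.test
Oct 11 10:03:00 host postfix/qmgr[900]: 6B7C8D9E0F: from=<user@example.test>, size=900, nrcpt=1 (queue active)
"""

ENTRY = re.compile(r"postfix/(?:\w+/)?(\w+)\[\d+\]: ([0-9A-Za-z]+): (.*)")
CLIENT = re.compile(r"client=\S+?\[([0-9A-Fa-f:.]+)\]")
UID = re.compile(r"uid=(\d+) from=")
FROM = re.compile(r"from=<([^>]*)>")
LOOPBACK = {"127.0.0.1", "::1"}

def local_submissions(log_text):
    """Map queue ID -> (entry path, envelope sender) for mail that originated on this host."""
    origin, found = {}, {}
    for line in log_text.splitlines():
        m = ENTRY.search(line)
        if not m:
            continue
        daemon, qid, rest = m.groups()
        if daemon == "smtpd" and (c := CLIENT.match(rest)):
            # Unauthenticated SMTP from loopback: accepted via permit_mynetworks.
            if c.group(1) in LOOPBACK and "sasl_username=" not in rest:
                origin[qid] = "smtp-loopback"
        elif daemon == "pickup" and (u := UID.match(rest)):
            origin[qid] = f"sendmail uid={u.group(1)}"  # local sendmail binary
        elif daemon == "qmgr" and qid in origin and (f := FROM.match(rest)):
            found[qid] = (origin[qid], f.group(1))
    return found

def summarize(log_text):
    """Count local submissions per (entry path, envelope sender), busiest first."""
    return Counter(local_submissions(log_text).values()).most_common()

if __name__ == "__main__":
    for (path, sender), n in summarize(SAMPLE_LOG):
        print(f"{n:4d}  {path:18s} {sender}")
```

An `smtp-loopback` entry means a process on the server opened a TCP connection to Postfix, while a `sendmail uid=N` entry gives the numeric user ID that invoked the sendmail binary.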
 
Hi Creativados,

actually, the recipient "[email protected]" exists on your server, which leads to the fact, that you either created this eMail - address, or that you use additional configurations at "/etc/aliases" for example.
Code:
MAIL FROM:<[email protected]>
250 2.1.0 Ok
Sender is OK
RCPT TO:<[email protected]>
250 2.1.5 Ok
Recipient OK, email address proofed
QUIT
221 2.0.0 Bye

If you desire further help for an investigation of your eMail - sender on your server, pls. consider to ask for "Administrative Services" ( => Plesk Admin Services ) over a new Plesk Support ticket, as deeper investigations have to be done directly on your server.
 
Thanks, I create ticket
 