Spam overload

[Brammeke]

Hi all,

We have about 150 domains on our Plesk managed server and one or two of them are hosting scripts which are being abused by spammers. As such, I can see spam mails leaving the server, originating at "localhost".

Is there a way to figure out which of the virtual servers is being a donkey?

Thank you,
Bram

 

[jwdick]

I do not know if this works and it may be more trouble than you are willing to do for 150 domains, but I saved this excerpt from a previous post just in case I needed it.

You will need to do it for all your domains (i beleive someone posted a script at one point)

But in vhost.conf add this:

<Directory /usr/local/psa/home/vhosts/DOMAIN/httpdocs>
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fXXXX"
</Directory>

Change the path if you are not on FreeBSD.

the XXXX is a unique code - use the domain if you wish thats up to you - but as most spamming is not your own customer i think its best to add this as some random code that means nothing to anyone but yourself

Once that has been done each mail sent by php will have a unique per domain code in the Return-Path: using a tool such as qmHandle to view the mailqueue you can see this return-path and consequently go straight to the hosting account and disable the relevant script