• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Question Spam sent from my server by other hosts ???

Erwin Fiten

Erwin Fiten

Basic Pleskian
Server operating system version
Debian 11.11
Plesk version and microupdate number
Plesk Obsidian 18.0.67 Update #3 Web Pro Edition
I have a webserver 'myserver.com', that hosts a domain 'domain.com'

and now I'm getting blacklisted, and I receive 'undeliverable' emails for my domain, but that domain doesn't sent any mails.
So I checked the maillog :
Code: 
Feb 20 10:46:05 99C23181704: client=myserver.com[127.0.0.1], orig_queue_id=5D8DD180B87, orig_client=out21-17.dm.aliyun.com[115.124.21.17]
Feb 20 10:46:05 99C23181704: from=<[email protected]> to=<[email protected]>
Feb 20 10:46:05 99C23181704: message-id=<28990100552000025020721151799_28990100539006425022045989885_XTransfer@event.chinaedmexchange.com>
Feb 20 10:46:05 99C23181704: py-limit-out: stderr: INFO:__main__:No SMTP AUTH and not running in sendmail context (incoming or unrestricted outgoing mail). SKIP message.
Feb 20 10:46:05 99C23181704: py-limit-out: stderr: SKIP
Feb 20 10:46:05 99C23181704: check-quota: stderr: SKIP
Feb 20 10:46:05 99C23181704: spf: stderr: PASS
Feb 20 10:46:05 99C23181704: drweb: stderr: PASS
Feb 20 10:46:05 99C23181704: from=<[email protected]>, size=4600, nrcpt=1 (queue active)
Feb 20 10:46:05 99C23181704: from=<[email protected]>, to=<[email protected]>, dirname=/var/qmail/mailnames
Feb 20 10:46:06 99C23181704: dk_check: stderr: PASS
Feb 20 10:46:07 99C23181704: dmarc: stderr: PASS
Feb 20 10:46:07 99C23181704: arc-sign: stderr: PASS
Feb 20 10:46:07 99C23181704: to=<[email protected]>, relay=plesk_virtual, delay=1.7, delays=0.22/0/0/1.5, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
Feb 20 10:46:07 99C23181704: removed
and
Code: 
Feb 23 16:10:55 E6E28181DE4: client=myserver.com[127.0.0.1], orig_queue_id=F1A8F180B60, orig_client=bird.pine.relay.mailchannels.net[23.83.219.17]
Feb 23 16:10:55 E6E28181DE4: from=<> to=<[email protected]>
Feb 23 16:10:55 E6E28181DE4: message-id=<[email protected]>
Feb 23 16:10:56 E6E28181DE4: py-limit-out: stderr: INFO:__main__:No SMTP AUTH and not running in sendmail context (incoming or unrestricted outgoing mail). SKIP message.
Feb 23 16:10:56 E6E28181DE4: py-limit-out: stderr: SKIP
Feb 23 16:10:56 E6E28181DE4: check-quota: stderr: SKIP
Feb 23 16:10:56 E6E28181DE4: spf: stderr: PASS
Feb 23 16:10:56 E6E28181DE4: drweb: stderr: PASS
Feb 23 16:10:56 E6E28181DE4: from=<>, size=10073, nrcpt=1 (queue active)
Feb 23 16:10:56 E6E28181DE4: from=<MAILER-DAEMON>, to=<[email protected]>, dirname=/var/qmail/mailnames
Feb 23 16:10:56 E6E28181DE4: DKIM Feed: No signature
Feb 23 16:10:56 E6E28181DE4: dk_check: stderr: PASS
Feb 23 16:10:56 E6E28181DE4: Unable to store SPF result into DMARC library: 'Function called with nothing to parse'
Feb 23 16:10:56 E6E28181DE4: Unable to store SPF/DKIM results into DMARC library
Feb 23 16:10:56 E6E28181DE4: arc-sign: stderr: SKIP
Feb 23 16:10:56 E6E28181DE4: to=<[email protected]>, relay=plesk_virtual, delay=0.58, delays=0.26/0/0/0.31, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
Feb 23 16:10:56 E6E28181DE4: removed

So 'something' is configured wrong, strange, because this hasn't given issues the last years.

Any idea where I have to search ?

Erwin
 
Hello Erik,

In Plesk, you can configure the Policy on mail for non-existent users to ensure that emails sent to non-existent addresses are rejected rather than bounced, preventing Non-Delivery Reports (NDRs).

This setting can be adjusted in the following locations:
- For new domains: Service Plan > [Plan Name] > Mail > Policy on mail for non-existent users
- For existing domains: Domains > [example.com] > Mail Settings > What to do with mail for non-existent users

Additionally, I recommend implementing the following measures:
- Enable and configure Tools & Settings > Mail Server Settings > Switch on spam protection based on DNS blackhole lists.
- Enable and configure Outgoing Mail Control.

Let me know if you need any further assistance.
 
Strange, this is all enabled and set as you describe. And still messages are sent..
1740517063299.png
The 'sender' is the domain that's hosted on this server (and where the settings are as described), receivers are external, BUT not random, all known adresses from the sender....
 
In the thread title you're saying that these email messages are send trough your server via another host. But how do you know exactly these messages are sent from another host? I am asking because whenever a sever gets abused to sent spam messages often, a website hosted in the server got compromised, the server itself got compromised or an email account (mailbox) got compromised.
 
You must log in or register to reply here.

Similar threads

ilogus
Resolved Incoming email DKIM issue
Replies
4
Views
428
ilogus
ilogus
mapodec
Resolved Emails sent from Plesk accounts are not delivering only to Google Workspace
Replies
2
Views
598
mapodec
mapodec
W
Issue Mail forwarded on the server in the target mailbox is delivered to the SPAM folder
Replies
0
Views
436
W4ru
W
Lrnt
Resolved Mail stuck in queue between my 2 servers (Connection timed out)
Replies
3
Views
1K
Lrnt
Lrnt
EnriqueR
Question Incoming mail is stored in Junk folder
Replies
6
Views
839
EnriqueR
EnriqueR
Back
Top