• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Span - relaylock: /var/qmail/bin/relaylock

J

javisan43

Guest
I've been several days with attacks from multiple IP.
I reviewed the logs (maillog) and Ip that reflects is that really sends.
Is there a way to see the real IP and stop this attack?
Submit a few records maillog to see this kind of attack.
C:Documents and SettingsPacoEscritoriomaillog/150786: Oct 4 19:35:16 venalsur relaylock: /var/qmail/bin/relaylock: mail from 86.101.81.107:9221 (catv-86-101-81-107.catv.broadband.hu)
C:Documents and SettingsPacoEscritoriomaillog/150861: Oct 4 19:35:39 venalsur relaylock: /var/qmail/bin/relaylock: mail from 88.250.174.247:16868 (dsl88-250-44791.ttnet.net.tr)
C:Documents and SettingsPacoEscritoriomaillog/150905: Oct 4 19:35:59 venalsur relaylock: /var/qmail/bin/relaylock: mail from 65.48.189.248:4888 (mail.venalsur.es)
C:Documents and SettingsPacoEscritoriomaillog/150930: Oct 4 19:36:16 venalsur relaylock: /var/qmail/bin/relaylock: mail from 80.160.76.197:39109 (fep33.mail.dk)
Any idea as to this attack? - I use plesk 4.0
 
These are perfectly normal (and usually meaningless) log messages. And what is not real about these IP addresses?
 
Back
Top