• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue VPS with plesk Hacked

C

Carloz

Basic Pleskian
Hello, some hackers hacked one of the mail accounts hosted on my Windows vps with plesk Onyx (Version 17.8.11 Aggiorna #85 )

They of course used the mail account to send spam, they put some thousands emails in outgoing queue, and they are trying again to hack using bruteforce attack (they are trying to login using a lot of different passwords).

How can i delete the outgoing mail queue and to automatically ban an ip that try to login with different password? (for example after 3 or 5 or more attempts, the ip will be banned for some hours).

Thank you!
Carlo
 
Make use of fail2ban and limit outgoing emails.

But most importantly, un-hack your VPS, in order to eliminate the future attacks completely. Since this is not an issue to discuss here on this forum, it falls under your responsibility of security. I can help you with all those privately, DM me.
 
Thank you for your suggestions, i solved the situation. If i can, i will set up the fail2ban plugin.

I set also the outgoing emails limit (1000 for each account for every hour max). But I can't understand this message:

The following domains use external email addresses for mail forwarding of messages sent to non-existent addresses. Messages sent to these addresses will not be accounted for in Outgoing Mail Control:

and then there is a big list of all the domains hosted.... what does it means?!?! these domains actually don't use external email addresses for mail forwareding of messages sent to non-existent address... it's a single catch-all address that is of the main domain, hosted on the same vps (for esample [email protected], where domain.com is also hosted on my vps).
 
You must log in or register to reply here.

Similar threads

M
Issue Outgoing Mail Control is always 0
Replies
1
Views
328
MarketPC
M
V
Issue Smarthost + SRS = relay?
Replies
2
Views
10K
vanlier
V
carlsson
Issue Emails don't look the same on iPhone vs Computers
Replies
7
Views
1K
Arm-In
A
H
Question Send mail using a site Not hosted on Plesk.
Replies
8
Views
2K
Kaspar@Plesk
Kaspar@Plesk
carlsson
Issue Really strange problem – I can't use my SMTP server intermittently
Replies
2
Views
1K
carlsson
carlsson
Back
Top