• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Resolved Find script who send spam emails

Milos Popovic

Milos Popovic

New Pleskian
Hi to all, I have a problem with spam emails send from one client.

I try to edit password of this client and this not resolve problem. I set limit 0 for outgoing mails for this domain. And I get about 25-40 rejected mails by hour.

In mail log I have info like this:
Apr 12 01:14:13 t132 postfix/smtp[27474]: 94A961F41DA9: to=<allen@technologyteam.us>, relay=mx1.netsolmail.net[209.17.115.10]:25, delay=38, delays=3.6/32/1.9/0.89, dsn=5.7.1, status=bounced (host mx1.netsolmail.net[209.17.115.10] said: 554 5.7.1 The message from (<office@jugenterijer.rs>) with the subject of (Good Day) matches a profile the Internet community may consider spam. Please revise your message before resending. (in reply to end of DATA command))

Is it possible to find out which script sends these spam e-mails?

Thank you
 
You can also configure/set the "mail.log" parameter in your php.ini file, as this will log the exact scriptname (incl. full path), sender and recipient address for every mail sent.
 
If you're using one of the PHP versions distributed by Plesk itself, then the php.ini can be found under /opt/plesk/php/x.x/etc/php.ini
If you're using a PHP version provided by your OS, then it depends on you OS and handler type (fpm, fastcgi, module)
For example, on Debian/Ubuntu the php.ini can be found under /etc/php5/xxx/php.ini

Then you open this file with your prefered editor and search for "mail.log"
Uncomment the existing value or create a new one and set it to either
  • mail.log = syslog (or)
  • mail.log = /var/log/phpmails.log (you can choose any path/file you'd like)
If you're using a file, make sure that the PHP process the site is running with, has write permissions to.
As (except if you're using PHP as apache2 module) every sites PHP process runs with its own user, you have to configure this logfile with write permissions for anyone - i.e:
# touch /var/log/phpmails.log && chmod 666 /var/log/phpmails.log
 
Thank you, I find and delete this script.
Does anyone have any experience with Kaspersky AV for plesk? Does he check only incoming mail or check incoming and outgoing messages?

Thank you
 
You must log in or register to reply here.

Similar threads

F
Issue SOGo - emails sent from webmail, both manually created and autoresponder/vacation/out-of-office, are rejected. They miss spf, dkim, dmarc, everything
Replies
1
Views
416
Farfalk
F
mapodec
Resolved Emails sent from Plesk accounts are not delivering only to Google Workspace
Replies
2
Views
691
mapodec
mapodec
W
Issue Mail forwarded on the server in the target mailbox is delivered to the SPAM folder
Replies
0
Views
499
W4ru
W
I
Question mails that get lost
Replies
7
Views
5K
Inma
I
CobraArbok
Question Gmail Error unsolicited emails. What value in TXT?
Replies
15
Views
6K
CobraArbok
CobraArbok
Back
Top