• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Mail and SPAM Issues...

Z

zeroborg

Basic Pleskian
Hi all,

i experience some problems with qmail.
Someone found a hole in my server (suse 9.3) and sends thousands of spams...
Does anyone has a script in order to find out where is the problem? (web form? other vulnerability?).
At mail-wide preferences on my server at WHITE-LIST the value is: 127.0.0.0/8
Is this safe? After some search about it, i found out that the correct value there is: 127.0.0.1/32 .... Which one is correct?
I have a lot of different domains/clients on my server, and all of them have web forms and i tried to check all of them, and patch them with "eregi" for avoiding injections). Is this correct?
Does anyone has written a script that runs allways on the server and checks for non-logic email sends?
Is there any configuration for qmail to LIMIT the recipients of a mail?

Thank you.

Zeroborg.
 
The quote below is the body of a previous post that I saved just in case I needed it. Sounds like it may be what you are looking for. depending on how many domains you have on your server, it may take a while but it is better than not doing anything. I have not tried it myself so I do not know if it works. You may want to test on a known script before you do all of your domains just to see if it works:

You will need to do it for all your domains

In vhost.conf add this:

<Directory /usr/local/psa/home/vhosts/DOMAIN/httpdocs>
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fXXXX"
</Directory>

Change the path if you are not on FreeBSD.

the XXXX is a unique code - use the domain if you wish thats up to you - but as most spamming is not your own customer i think its best to add this as some random code that means nothing to anyone but yourself

Once that has been done each mail sent by php will have a unique per domain code in the Return-Path: using a tool such as qmHandle to view the mailqueue you can see this return-path and consequently go straight to the hosting account and disable the relevant script
Click to expand...
 
I have a problem where a client has a redirect email ends up in the message queue and stays. It is never delivered. So I have been searching for a solution. As I was searching for the solution, I came upon your post talking about the White List indicating the IP of 127.0.0.0 / 8. As I read through the post you said you found the correct address. Can you tell me where you found this information?

I am new to using Plesk and have had problems galore, but if I can find where the information is maybe I can solve at least one problem and maybe more.

Thank you in advance should you reply to my post.
 
You must log in or register to reply here.

Similar threads

H.W.B
Issue Php mail always spam
Replies
7
Views
1K
ivanes82
I
C
Question Block mail if domain doesn't exist in Plesk
Replies
0
Views
474
checkinindza
C
I
Resolved php_mail issue after deleting and recreating subscription
Replies
4
Views
372
Illyrer
I
E
Question Horde to Roundcube migration
Replies
1
Views
529
AYamshanov
AYamshanov
M
Issue Outgoing Mail Control is always 0
Replies
1
Views
374
MarketPC
M
Back
Top