• We value your experience with Plesk during 2025
    Plesk strives to perform even better in 2026. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2025.
    Please take this short survey:
    https://survey.webpros.com/

qmail script abuse

Z

zonem0nkey

Guest
I believe someone or some script out there is abusing a email script that I have in one of my sites. I only have about a few email forms available on my site, but even after deleting and removing them, I'm seeing this script show up in my /usr/local/psa/var/log/maillog everytime.

1) I've turned off smtp relay via plesk.
2) I read some where that the maillog tells you the smtp messages that are being sent/received locally, is this correct?
3) Is there anything I can to find out which script/page is being abused?
 
check /var/tmp and /tmp/ for "suspect" files... some times they upload scripts there.
also do you have any open source cms or forums? they use to have some components with security wholes that users use to send emails.
 
You must log in or register to reply here.

Similar threads

I
Input Hardening Plesk with AbuseIPDB
Replies
2
Views
697
iainh
I
M
Question System account sending email through smpt relay but no configuration present
Replies
3
Views
2K
maratn
M
Erwin Fiten
Question Email Domain abuse with forwarding
Replies
2
Views
3K
Erwin Fiten
Erwin Fiten
L
Resolved not sending via external SMTP (msmtp + Office365)
Replies
2
Views
758
lema
L
J.Wick
Issue External Email Stopped Working after Upgrading to Plesk Obsidian 18.0.70 Update #2
Replies
1
Views
3K
J.Wick
J.Wick
Back
Top