• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Server is sending spam from an email account

J

JasonBibby

New Pleskian
How to clear the mail queue?

EDIT: How can I clear the mail queue? I seem to have stopped the messages getting to the server however there's 123639 still in the queue...


# /var/qmail/bin/qmail-qstat
messages in queue: 123639
messages in queue but not yet preprocessed: 0



I know which domain the spam is being sent out from, how can I stop it connecting to the server through 1&1?

I've deleted the account and domain from parallels, however the maillog is still being over run by requests and bounce backs.

I've requested for the DNS to be changed via 1&1 however what else can I do to stop this account bombarding my server?

Thanks in advance.
 
Last edited:
Are you sure the emails are originating from your server?

Is a spammer using your email address in the from field for the emails. When they can not be delivered to their recipient, they are bounced from the recipients mail servers and are returned to your server as bounce notifications.

Can you post some entries from the mail logs / an example of a bounced message.

I had a similar issue when I setup my first Plesk server. Spammer using one of my email domains. Bounces from other servers would hit my server and it would try and send an account not found non-delivery email . This would then bounce and fill up the mail queue. Changed the "address not found" behaviour to reject and this issue more or less stopped straight away. If your server sends out lots of bounces, your IP's can end up on BACKSCATTER block lists.

I may have completely mis-understood your issue though!
 
I'm not 100% sure, however they are going through my server.

Random grab rom the sever report. Its the richard@xxx I'm having trouble with.

This is spitting out reports constantly, as you can see by the time.

They were more detailed before I removed the hosting and email accounts.

Jan 14 21:09:51 s15859492 qmail: 1358197791.237057 status: local 0/10 remote 19/20
Jan 14 21:09:51 s15859492 qmail: 1358197791.237068 starting delivery 2300646: msg 1588068 to remote jiangxl@vip.sina.com
Jan 14 21:09:51 s15859492 qmail: 1358197791.237077 status: local 0/10 remote 20/20
Jan 14 21:09:51 s15859492 qmail-remote-handlers[11828]: Handlers Filter before-remote for qmail started ...
Jan 14 21:09:51 s15859492 qmail: 1358197791.277868 delivery 2300642: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
Jan 14 21:09:51 s15859492 qmail: 1358197791.277897 status: local 0/10 remote 19/20
Jan 14 21:09:51 s15859492 qmail: 1358197791.277907 starting delivery 2300647: msg 1588068 to remote mangchema@yahoo.com.cn
Jan 14 21:09:51 s15859492 qmail: 1358197791.277917 status: local 0/10 remote 20/20
Jan 14 21:09:51 s15859492 qmail-remote-handlers[11829]: Handlers Filter before-remote for qmail started ...
Jan 14 21:09:51 s15859492 qmail-remote-handlers[11828]: from=richard@
Jan 14 21:09:51 s15859492 qmail-remote-handlers[11828]: to=jiangxl@vip.sina.com
Jan 14 21:09:51 s15859492 qmail-remote-handlers[11829]: from=richard@
Jan 14 21:09:51 s15859492 qmail-remote-handlers[11829]: to=mangchema@yahoo.com.cn
Jan 14 21:09:51 s15859492 qmail: 1358197791.644169 delivery 2300637: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
 
Simple, disable email service for that domain, disable php function mail and contact them and inform them about the spam.
 
How can I clear the mail queue? I seem to have stopped the messages getting to the server however there's 123639 still in the queue...


# /var/qmail/bin/qmail-qstat
messages in queue: 123639
messages in queue but not yet preprocessed: 0
 
Thanks for the replies, solved the problem by installing Postfix.

All is well now and there are no queues.

Thanks for your help!
 
You must log in or register to reply here.

Similar threads

M
Question Plesk Email Security Pro - 421 4.3.2 Service shutting down, closing channel - Mails are stuck in the queue
Replies
16
Views
2K
Raul A.
R
mapodec
Resolved Emails sent from Plesk accounts are not delivering only to Google Workspace
Replies
2
Views
691
mapodec
mapodec
R
Issue Unable to send emails using SMTP
Replies
9
Views
2K
Robin McDermott
R
Erwin Fiten
Question Spam sent from my server by other hosts ???
Replies
4
Views
564
Bitpalast
Bitpalast
A
Question Spam detection on outgoing mails with Plesk Email Security
Replies
2
Views
692
Kaspar
K
Back
Top