• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Somebody is sending SPAM from my server

C

clinton4

Regular Pleskian
Hi,

When i look in the Mail Queue, i see that somebody is sending SPAM from my server. How can i figure out which account is sending it?
 
Hello,


We can give you common recommendations which can help you to eliminate spam attack like using MAPS zones, spamassassin, blacklists, rejecting emails for non-existing users, update Plesk to the latest version and configure SPF technology, etc. The following articles are devoted to troubleshooting spam and known issues with spamassassin:

Spam tracking:
http://kb.odin.com/en/6010
http://kb.odin.com/en/766

Known issues and questions about spamassassin functionality:
http://kb.odin.com/en/1428
http://kb.odin.com/en/3017
http://kb.odin.com/en/5538
http://kb.odin.com/en/1334
http://kb.odin.com/en/1393
 
Windows Plesk: Outbound Spam

Somebody is sending SPAM from my server. This results in the main server IP getting blacklisted.

1. How to identify the spammer on my server .. or the compromised account?

Can the sender be identified from: C9EEDB720A4B4A5CA487B4AB3CD7BF3A.MAI
or
ME-I0018: [F8E9D6D22AC34047B86D7CB83E3C75FA.MAI] Outbound message from ([SMTP:some_id@aol.com]) requeued as [300E2AA30B7F4A40974C3973FC9F47D4.MAI] to the target domain [some_domain.com]

2. How to further secure the server to prevent sending such spam messages?
Emails are sent using the 'From' field containing email IDs of Yahoo, AOL, Gmail, etc.

3. Is there any way to limit the number of messages that can be sent in an hour from a particular hosting account?
 
I figured out that the problem was related to the Wordpress plugin Contact Form 7. If you have WP with this plugin, you better stop using it.
 
Those suggestion links talk about qmail.

What about postfix?
 
You must log in or register to reply here.

Similar threads

C
Question Strange Mail-Spam issue
Replies
3
Views
380
hschramm
hschramm
enerspace
Question Bounce emails end up in spam – DMARC triggered on local deliveries?
Replies
0
Views
207
enerspace
enerspace
R
Issue Unable to send emails using SMTP
Replies
9
Views
2K
Robin McDermott
R
A
Question Mail spam in my inbox
Replies
1
Views
910
nmdpa3
N
Y
Question How to block mails from TLD (Domain Extension) ?
Replies
1
Views
247
Kaspar
K
Back
Top