• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

SPAM is bypassing Plesk Security ?

D

dragnovich

Basic Pleskian
Hello Im concern about an "ODD thing" I see in all the email Im getting at my servers. All uses Plesk Mostly 8.6 and some 9.x.

Ok let's say in the server I got domain1.com, domain2.com domain3.com, etc....

When any email is received for user@domain1.com some of the email headers looks like this....

---
Received: (qmail 871 invoked from network); 10 Jul 2009 17:40:26 -0500
Received: from 201-1-76-254.dsl.telesp.net.br (201.1.76.254)
by domain3.com with SMTP; 10 Jul 2009 17:40:25 -0500
From: sender@senderdomain.com
To: user@domain1.com
---

First ODD thing I see, is that the email is been received BY domain3.com (not domain1.com as it was sent to that email) and this receiver domain is randomly changed at each email received. ODDer is that I got emails received at the server from DOMAINS that are just pointed to the server, DNS records, and not in the server configured to respond as alias or something.

So why this emails are getting the receiver server as any domain in the server?
Many of this emails are SPAM, and many of them are BYPASSED by the spamassasain why? does it has some influence in the SPAM qualification? or is not necessary an security issue?

I have ALL the servers with all security activated, POP before SMTP, SMTP Auth, RBLS, DomainKeys, SpamAssasain, etc...

But still getting many emails as if they are as been sent from the server it self...

is this an issue, bug, security hole or just a spam paranoia!
 
I can also report this problem on plesk 9.0.1 and 9.2.1, in my case it surfaces in connection with domain aliases. It's annoying mails to adresses of the alias domains bypass spamassassin despite spamassassin being activated everywhere.
 
You must log in or register to reply here.

Similar threads

L
Question System Emails Marked as Spam
Replies
2
Views
1K
Leighton Thompson
L
A
Resolved Plesk Email Security and Dovecot Problems
Replies
9
Views
2K
Cmdr
C
M
Question Hackers are sending tons of mails
Replies
4
Views
1K
MrPleskLearner
M
K
Question Plesk Email Security
Replies
6
Views
1K
klamort
K
Jan Bludau
Resolved Patch: Postfix - 37C3 - SMTP Smuggling – Spoofing E-Mails Worldwide
Replies
5
Views
3K
Peter Debik
P
Back
Top