We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Finding out which authenticated account to blame on spam
Finding out which authenticated account to blame on spam
The stupidest thing someone can do on a server happened to me.
A person responsible for the email accounts of a specific domain created an email like this:
email: [email protected]
pass: admin
So guess what....... the server was used for spamming by someone that got the credentials by guessing. The spammer was authenticating with this account, but sending email on behalf of [email protected], which is a domain that does not belong to this server.
So now I have 2 questions.
1) Can we force an authenticated user to only send emails from the authenticated email?
2) Is there a way to get the top 50 senders from this server by authenticated account of the las 24 hours? In this way, you can have the list and know which user is sending tons of email.
Eximstats and isoqlog did not help much on this as they were reporting tons from [email protected] not giving me any reference to [email protected].
Thanks
A person responsible for the email accounts of a specific domain created an email like this:
email: [email protected]
pass: admin
So guess what....... the server was used for spamming by someone that got the credentials by guessing. The spammer was authenticating with this account, but sending email on behalf of [email protected], which is a domain that does not belong to this server.
So now I have 2 questions.
1) Can we force an authenticated user to only send emails from the authenticated email?
2) Is there a way to get the top 50 senders from this server by authenticated account of the las 24 hours? In this way, you can have the list and know which user is sending tons of email.
Eximstats and isoqlog did not help much on this as they were reporting tons from [email protected] not giving me any reference to [email protected].
Thanks