We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
mail server sending out thousands of spam mails
mail server sending out thousands of spam mails
i have no idea why this happens, but apperently my smtp server is open?
I have 800.000 unsend mails in my queue, and rising.
I already removed them yesterday, blocked all access to port 25, but this morning there are again 500.000 mails.
What can i do?
i tested for a open relay on https://mxtoolbox.com/, but its closed.
There are no scripts, at least that i know
So, what is going on?
i have this in my conf:
dc_eximconfig_configtype='local'
dc_other_hostnames='vps2.sanderkerkhoff.com'
dc_local_interfaces='127.0.0.1 ; ::1'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost=''
CFILEMODE='644'
dc_use_split_config='false'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='mail_spool'
do i need to enter 127.0.0.1 in: dc_relay_nets=' ' ?
I have 800.000 unsend mails in my queue, and rising.
I already removed them yesterday, blocked all access to port 25, but this morning there are again 500.000 mails.
What can i do?
i tested for a open relay on https://mxtoolbox.com/, but its closed.
There are no scripts, at least that i know
So, what is going on?
i have this in my conf:
dc_eximconfig_configtype='local'
dc_other_hostnames='vps2.sanderkerkhoff.com'
dc_local_interfaces='127.0.0.1 ; ::1'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost=''
CFILEMODE='644'
dc_use_split_config='false'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='mail_spool'
do i need to enter 127.0.0.1 in: dc_relay_nets=' ' ?
Re: mail server sending out thousands of spam mails
Have you checked who is generating mails?
Check queue: exim -bp
Read mail header: exim -Mvh mail_ID
Read body: exim -Mvb mail_ID
Additionally try read exim log: /var/log/exim/main.log
Check queue: exim -bp
Read mail header: exim -Mvh mail_ID
Read body: exim -Mvb mail_ID
Additionally try read exim log: /var/log/exim/main.log
-
- Support team
- Posts: 1111
- Joined: Tue Jul 30, 2013 10:18 pm
- Contact:
- Os: CentOS 6x
- Web: nginx + php-fpm
Re: mail server sending out thousands of spam mails
Check your php scripts, wordpress first - they 100% contains malicious code.
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: mail server sending out thousands of spam mails
Your sites are infected and your server may be compromised. Disable your sites one by one and watch your exim queue using . then find the problem site and fix it.
Code: Select all
exim -bpc
Re: mail server sending out thousands of spam mails
Or user may install maldet and scan all websites :)mehargags wrote: ↑Sun Apr 07, 2019 7:14 pmYour sites are infected and your server may be compromised. Disable your sites one by one and watch your exim queue using. then find the problem site and fix it.Code: Select all
exim -bpc