Vesta 2.0 is coming soon! See our progress update: https://vestacp.com/docs/vesta-2-update
ATTACK on Exim (Service Email): Massive emails from my server
ATTACK on Exim (Service Email): Massive emails from my server
I am suffering an attack on Exim, emails are being sent from my server to thousands of unknown addresses.
I have noticed because I have received 30,000 notifications of emails delivery failed in admin account.
The attack began yesterday at approximately 8 pm
For the moment I have stopped the mail server exim, and deleted the message queue.
I do not know what else to do.
The message that is sent contains this:
I hope someone can help me.
I carried out the recommendations when we had the ChachaDDoS attack, deleting the processes and changing the admin passwords.
I have noticed because I have received 30,000 notifications of emails delivery failed in admin account.
The attack began yesterday at approximately 8 pm
For the moment I have stopped the mail server exim, and deleted the message queue.
I do not know what else to do.
The message that is sent contains this:
PayPal
Update Your Account
Dear Client
We're constantly working to make safer, simpler and more convenient for our customers This
means that from time to time we have to make changes to the terms of our User Agreement
To make sure you are always informed we have posted recent updates on our website.
To update your account please enter the link below and check your account information .
Login Now
I hope someone can help me.
I carried out the recommendations when we had the ChachaDDoS attack, deleting the processes and changing the admin passwords.
Re: ATTACK on Exim (Service Email): Massive emails from my server
I have found suspect files in a CMS made with Drupal.
At the moment, I have suspended site and moved files other directory out public_html.
Then I have unsuspended service Exim, and I will be checking for new spam mails.
It would be very interesting to be able to limit the number of emails per hour in Exim,
and so avoid being put on blacklists like it has happened to me.
Important references for solution:
https://www.digitalocean.com/community/ ... -with-exim
https://www.inmotionhosting.com/support ... -with-exim
At the moment, I have suspended site and moved files other directory out public_html.
Then I have unsuspended service Exim, and I will be checking for new spam mails.
It would be very interesting to be able to limit the number of emails per hour in Exim,
and so avoid being put on blacklists like it has happened to me.
Important references for solution:
https://www.digitalocean.com/community/ ... -with-exim
https://www.inmotionhosting.com/support ... -with-exim