ATTACK on Exim (Service Email): Massive emails from my server

Posted: Fri Jan 25, 2019 11:07 am
by artuof
I am suffering an attack on Exim; emails are being sent from my server to thousands of unknown addresses.
I noticed because I have received 30,000 email delivery failure notifications in the admin account.
The attack began yesterday at approximately 8 pm.
For the moment I have stopped the Exim mail server and deleted the message queue.
I do not know what else to do.

The message that is sent contains this:
PayPal
Update Your Account

Dear Client
We're constantly working to make safer, simpler and more convenient for our customers This
means that from time to time we have to make changes to the terms of our User Agreement
To make sure you are always informed we have posted recent updates on our website.
To update your account please enter the link below and check your account information .

Login Now

I hope someone can help me.
I carried out the recommendations when we had the ChachaDDoS attack, deleting the processes and changing the admin passwords.

Re: ATTACK on Exim (Service Email): Massive emails from my server

Posted: Fri Jan 25, 2019 6:05 pm
by artuof
I have found suspect files in a CMS made with Drupal.
For the moment, I have suspended the site and moved the files to another directory outside public_html.
Then I unsuspended the Exim service, and I will be checking for new spam emails.

It would be very interesting to be able to limit the number of emails per hour in Exim,
and so avoid being put on blacklists, as has happened to me.

Important references for the solution:
https://www.digitalocean.com/community/ ... -with-exim
https://www.inmotionhosting.com/support ... -with-exim
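
The following is an added example, not part of the original posts: one way to locate the directory of a script that is handing mail to Exim, by counting the `cwd=` lines in the Exim main log. It assumes the log records `cwd=<dir> <n> args: ...` lines; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: rank the directories whose processes hand mail to Exim.
# Assumes the main log has "cwd=<dir> <n> args: ..." lines; pass its path as $1.

# Constructed sample log (not from the poster's server).
write_sample_log() {
    cat > "$1" <<'EOF'
2019-01-24 19:58:02 cwd=/var/spool/exim4 2 args: /usr/sbin/exim4 -q
2019-01-24 20:01:13 cwd=/home/admin/web/example.test/public_html/sites/default/files 3 args: /usr/sbin/sendmail -t -i
2019-01-24 20:01:14 cwd=/home/admin/web/example.test/public_html/sites/default/files 3 args: /usr/sbin/sendmail -t -i
2019-01-24 20:40:51 cwd=/home/admin/web/example.test/public_html/sites/default/files 3 args: /usr/sbin/sendmail -t -i
2019-01-24 21:05:09 cwd=/home/admin/web/example.test/public_html/sites/default/files 3 args: /usr/sbin/sendmail -t -i
2019-01-24 21:10:30 cwd=/home/admin/web/blog.test/public_html 3 args: /usr/sbin/sendmail -t -i
EOF
}

# Print "<count> <dir>" for the busiest submitting directories.
top_sending_dirs() {
    # Skip /var/spool: those are Exim's own queue runs, not web scripts.
    grep -E ' cwd=/' "$1" \
        | sed -E 's/^.* cwd=([^ ]+) .*$/\1/' \
        | grep -v '^/var/spool' \
        | sort | uniq -c | sort -rn | head -n "${2:-10}" \
        | awk '{print $1, $2}'
}

# Print "<date> <hour>:00 <count>" for one directory, to date the start of abuse.
hourly_submissions() {
    awk -v d="cwd=$2" '$3 == d { print $1, substr($2, 1, 2) ":00" }' "$1" \
        | sort | uniq -c | awk '{print $2, $3, $1}'
}

# With no argument, run against the constructed sample log.
log="${1:-}"
if [ -z "$log" ]; then
    log=$(mktemp)
    write_sample_log "$log"
fi
top_sending_dirs "$log" 5
```

A directory that dominates the count, especially an upload or cache directory inside a CMS, is the place to look for the injected files.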