We help IT Professionals succeed at work.

Spam Prevention, Linux Server with plesk how to locate the exploited domain

723 Views
Last Modified: 2010-04-21
I own a hosting server, running plesk on Linux environment, which has about 57 UK domains hosted on it, and lately the servers mail failure box had been over filled with bad email addresses containing spam.
I think the servers being used for spam, I have checked all the contact forms but every domain contact form contains a Session, PHP generated captcha image.
Anyway my question is

Plesk displays this information

 failure notice mungo@searchhound.com July 17, 2008 10:13 AM7 day(s) 00:23:3411,39 KB

And when you click on the link it displays

Received: (qmail 6822 invoked for bounce); 17 Jul 2008 10:13:09 +0100
Date: 17 Jul 2008 10:13:09 +0100
From: MAILER-DAEMON@p75197581.pureserver.info
To: mungo@searchhound.com
Subject: failure notice

This information is useless to me

Is their a way to Add a From IP address and exploited domain

That way I know which client has the vulnerability and I can the look for ways to prevent spam

So im pretty much asking how can I find out which domain these emails are coming from
Comment
Watch Question

Top Expert 2008

Commented:
This does not mean that you are sending spam. It can simply mean that your are getting SPAM in the form of NDR.

Author

Commented:
Sorry i babble on alot, What im looking for is a way to detect if my linux server is a SPAM sender, or if any of the hosted domains are using the php mail() to send spam via form injections.
is their any script i can install which will give me logs of spam leaving my server.

i dont want my server to be a evil sender of spam
CERTIFIED EXPERT
Most Valuable Expert 2015
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
I wanted some script to attack to the mail sending failure protocol, which would add ip addess of sender along with the domain it came from.

i figured out a solution by my self, i decided to always add another sender to my contact forms, and attached the information to my clients

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.