asked on
Spam Prevention, Linux Server with plesk how to locate the exploited domain
I own a hosting server, running plesk on Linux environment, which has about 57 UK domains hosted on it, and lately the servers mail failure box had been over filled with bad email addresses containing spam.
I think the servers being used for spam, I have checked all the contact forms but every domain contact form contains a Session, PHP generated captcha image.
Anyway my question is
Plesk displays this information
failure notice mungo@searchhound.com July 17, 2008 10:13 AM7 day(s) 00:23:3411,39 KB
And when you click on the link it displays
Received: (qmail 6822 invoked for bounce); 17 Jul 2008 10:13:09 +0100
Date: 17 Jul 2008 10:13:09 +0100
From: MAILER-DAEMON@p75197581.pu
To: mungo@searchhound.com
Subject: failure notice
This information is useless to me
Is their a way to Add a From IP address and exploited domain
That way I know which client has the vulnerability and I can the look for ways to prevent spam
So im pretty much asking how can I find out which domain these emails are coming from
I think the servers being used for spam, I have checked all the contact forms but every domain contact form contains a Session, PHP generated captcha image.
Anyway my question is
Plesk displays this information
failure notice mungo@searchhound.com July 17, 2008 10:13 AM7 day(s) 00:23:3411,39 KB
And when you click on the link it displays
Received: (qmail 6822 invoked for bounce); 17 Jul 2008 10:13:09 +0100
Date: 17 Jul 2008 10:13:09 +0100
From: MAILER-DAEMON@p75197581.pu
To: mungo@searchhound.com
Subject: failure notice
This information is useless to me
Is their a way to Add a From IP address and exploited domain
That way I know which client has the vulnerability and I can the look for ways to prevent spam
So im pretty much asking how can I find out which domain these emails are coming from
VulnerabilitiesLinux NetworkingAntiSpam
Last Comment
silveuk
This does not mean that you are sending spam. It can simply mean that your are getting SPAM in the form of NDR.
ASKER
Sorry i babble on alot, What im looking for is a way to detect if my linux server is a SPAM sender, or if any of the hosted domains are using the php mail() to send spam via form injections.
is their any script i can install which will give me logs of spam leaving my server.
i dont want my server to be a evil sender of spam
is their any script i can install which will give me logs of spam leaving my server.
i dont want my server to be a evil sender of spam
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
I wanted some script to attack to the mail sending failure protocol, which would add ip addess of sender along with the domain it came from.
i figured out a solution by my self, i decided to always add another sender to my contact forms, and attached the information to my clients
i figured out a solution by my self, i decided to always add another sender to my contact forms, and attached the information to my clients