Avatar of silveuk
 asked on

Spam Prevention, Linux Server with plesk how to locate the exploited domain

I own a hosting server, running plesk on Linux environment, which has about 57 UK domains hosted on it, and lately the servers mail failure box had been over filled with bad email addresses containing spam.
I think the servers being used for spam, I have checked all the contact forms but every domain contact form contains a Session, PHP generated captcha image.
Anyway my question is

Plesk displays this information

 failure notice mungo@searchhound.com July 17, 2008 10:13 AM7 day(s) 00:23:3411,39 KB

And when you click on the link it displays

Received: (qmail 6822 invoked for bounce); 17 Jul 2008 10:13:09 +0100
Date: 17 Jul 2008 10:13:09 +0100
From: MAILER-DAEMON@p75197581.pureserver.info
To: mungo@searchhound.com
Subject: failure notice

This information is useless to me

Is their a way to Add a From IP address and exploited domain

That way I know which client has the vulnerability and I can the look for ways to prevent spam

So im pretty much asking how can I find out which domain these emails are coming from
VulnerabilitiesLinux NetworkingAntiSpam

Avatar of undefined
Last Comment

8/22/2022 - Mon
http:// thevpn.guru

This does not mean that you are sending spam. It can simply mean that your are getting SPAM in the form of NDR.

Sorry i babble on alot, What im looking for is a way to detect if my linux server is a SPAM sender, or if any of the hosted domains are using the php mail() to send spam via form injections.
is their any script i can install which will give me logs of spam leaving my server.

i dont want my server to be a evil sender of spam
Jan Bacher

View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.

I wanted some script to attack to the mail sending failure protocol, which would add ip addess of sender along with the domain it came from.

i figured out a solution by my self, i decided to always add another sender to my contact forms, and attached the information to my clients
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy