Solved

PLESK/MailEnable SPAM Issue sending emails out

Posted on 2014-12-24
2
665 Views
Last Modified: 2015-01-19
Hi Experts,

I use PLESK 11.0.9 with MailEnabale 8, recently I noticed one of the domain's is sending out thousands of SPAM emails out, I have disabled the email service of this domain name but still I can see it's sending emails out and bounced to the postmaser address when it's fail to send.

Please help me to resolve this and what are the information you need ?

Below is one of the emails I get in to my inbox;

MailEnable: Message could not be delivered to some recipients.
The following recipient(s) could not be reached:

	Recipient: [SMTP:mrfish@gmx.net]
	Reason: Remote SMTP Server Returned: 550 Requested action not taken: mailbox unavailable 


Message headers follow:

DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=companydns.com; b=kR6r45/cAzRqIdc87t9odDhtFS5AZMc5vEkKOSJfQaRdcRVssNTC5amOlBJqhVg0jnTC9BvL/wh5wMZwPvE30SI+/OQ0Q8DcRhHX61jJKmJN6EKjln0KbJ83iZ0RF7Ey; h=Received:Date:Subject:To:X-PHP-Originating-Script:From:X-Mailer:Reply-To:Mime-Version:Content-Type;
Received: from PLESK-WIN.companytechnologies.local ([127.0.0.1]) by companydns.com with MailEnable ESMTP; Wed, 24 Dec 2014 21:43:41 +0530
Date: Wed, 24 Dec 2014 16:13:41 +0000
Subject: Busty blonde likes it in outdoor
To: mrfish@gmx.net
X-PHP-Originating-Script: 0:.page46.php(233) : eval()'d code
From: "Aiden Hicks" <support@companydns.com>
X-Mailer: Oudmlr(ver.3.4)
Reply-To: "Aiden Hicks" <support@companydns.com>
Mime-Version: 1.0
Content-Type: multipart/alternative;boundary="----------1419437621549AE635C800E"

Open in new window

0
Comment
Question by:Shakthi777
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 64

Accepted Solution

by:
btan earned 500 total points
ID: 40517367
Reference the response code list from MailEnable and mainly it is stating the recipient address is not found in the MailEnable local configuration (e.g. address-map.tab file or database table). If this is expected based on the recipient then the error is in fact working as supposed else need to see if the config has that in existence. This is not the domain blocking error per se which you rightfully if client is blocked then there should be '550 Requested action not taken.  The domain you are sending from is not permitted to access this server'

Mailenable has a blacklist to include the domain to be blocked. E.g. Under Post Office Actions, go to Domain > Properties, under the Blacklist tab to state the sender's domain to be blacklisted.  For example, if you add the domain “mailenable.com” to the blacklist for a domain, then the domain will not accept any emails from mailenable.com.

Minimally I see that from the SMTP security options, the 'Reject mail if sender address is from an invalid domain' and 'Authenticated senders must use valid sender address' should be enable to reduce spam. Also SPF is recommended.

in fact there are other blacklisting schemes like reverse DNS (for sender's IP address is found in the Open Relay or Blacklist databases) and IP Blacklisting (for client IP address and compares it to the blacklist defined under the Access Control). However, most of the time for IP blacklist, the "Hide IP addresses from email headers" is enabled so the client IP is 127.0.0.1 and would not be as effective and in your case, I deemed it is enabled too.

MailEnable kb has more on reducing the SPAM which is handy and do review it. e.g. include one stating from SMTP Connector to enable the option to require that anyone sending from a locally hosted e-mail address needs to authenticate
0
 

Author Closing Comment

by:Shakthi777
ID: 40557423
Thanks !
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Let's recap what we learned from yesterday's Skyport Systems webinar.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question