spamming on Hosted svrs?

Looking for other way to look at spamming issue on a vps hosted server we DO NOT use as mail server.
We simply us it to host sites we build/maintain, and DNS manager that points MX records to our in-house mail servers.

Seems in that VPS hosted web server there are emails in the queue, cleared once already, passwords changed for user it looked like on the VPS account that was sending the mail.  But again queue is filled up.  I confirmed the mail is not coming from our internal emails servers via my FW and email server logs analysis and monitoring.

What can I possibly be missing as the VPS tech support is email only and nothings seems to be being done.  Thank you.
dee30Asked:
Who is Participating?
 
Dr. KlahnConnect With a Mentor Principal Software EngineerCommented:
First thing, immediately change all passwords on that system and enable two-factor authentication if possible.

Then.  Should that system be sending email at all?  If not, ...

Is the offending system linux or Windows? If it's linux, disable mail / postfix / dovecot and block outgoing port 25 using iptables.

Long term fix:  Reload the system from known clean distribution kits and generate all new randomly generated passwords of at least 16 length.
0
 
David Johnson, CD, MVPOwnerCommented:
you say it has mail in the queue.. So you have the smtp components installed on the server and the web sites can send mail?
0
 
dee30Author Commented:
no mail should be sending.
it's windows and joomla use cpanel for joomla access to upload php html files etc.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
Dr. KlahnPrincipal Software EngineerCommented:
Then the email components should be disabled or removed, and the problem will be solved.
0
 
dee30Author Commented:
Yeah trying to find that stop, disable, uninstall option still..  also just discovered the de dedicated IP has one pretty damn close on same /24 network that has dsn listed as same as the hosting company we have our vps from and both, unrelated the other ip to us, has a poor email rep.  Hmmmm!!!???:
0
 
dee30Author Commented:
Thank you.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.