Check your /var/log/maillog for lots of different IPs sending through one account via smtp, or create a phpmail log file to detect where the bad script is, like this:

Pedro Estevão wrote:
Are you talking on a ilegit web hosting issue (script under wordpress site) or 
a ilegit access to your webmail (squirrelmail)?
Or if I miss understood what are web hosting and webmail related?

-----Original Message-----
From: Rajesh M []
Sent: 16 August 2017 14:22
Subject: [qmailtoaster] spamming on server


i have a few websites along with qmailtoaster

i noted that one of the websites with wordpress was hacked and using a php 
script the spammer was injecting emails into the qmail queue ie there is 
nothing in the smtp logs, but the send logs contained 1000s of remote delivery 

i use squirrelmail but with smtp authentication only, ie email sent to external 
domains from my server has to smtp authenticate first.

my tcp.smtp is as follows

how could the spammer directly inject email to the qmail queue ?

what am i missing here ?


To unsubscribe, e-mail:
For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

Reply via email to