Also check your /var/log/qmail/submission/current for bad activity
Pedro Estevão wrote:
Are you talking on a ilegit web hosting issue (script under wordpress site) or a ilegit access to your webmail (squirrelmail)? Or if I miss understood what are web hosting and webmail related? -----Original Message----- From: Rajesh M [mailto:24x7ser...@24x7server.net] Sent: 16 August 2017 14:22 To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] spamming on server hi i have a few websites along with qmailtoaster i noted that one of the websites with wordpress was hacked and using a php script the spammer was injecting emails into the qmail queue ie there is nothing in the smtp logs, but the send logs contained 1000s of remote delivery entries. i use squirrelmail but with smtp authentication only, ie email sent to external domains from my server has to smtp authenticate first. my tcp.smtp is as follows 127.0.0.1:allow :allow,BADMIMETYPE="",QMAILQUEUE="/var/qmail/bin/simscan",BADLOADERTYPE="M",CHKUSER_START="ALWAYS", CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1", DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private" how could the spammer directly inject email to the qmail queue ? what am i missing here ? thanks rajesh --------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
--------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com