Plesk 12.x / Linux :: View Detailed Maillog To Find Spam Scripts
Apr 15, 2015
We have just had reports of SPAM being sent from our CentOS 6.x server running Plesk 12.
Services like Plesk Premium antivirus, SpamAssasin, watchdog(rkhunter) and mod_security are enabled on the server to enhance security and none of these seemed to stop the scripts.
The issue is that multiple domains are sending out mail from this server, so it is difficult to find the script sending out SPAM.
When we were running Plesk 11.0 we had a seperate log-file where we could see the file sending any mail going out from the postfix mailserver. I have check both /var/log/maillog and /usr/local/psa/var/log/maillog, but there is nothing in those files to tell me the file that sent the mail.
How would I go about finding this file from either the Plesk Control Panel or through SSH (using log-files)?
View 1 Replies
ADVERTISEMENT
Jan 23, 2007
waht i do ?
Code:
root@server [~]# service exim restart
Shutting down clamd: [ OK ]
Shutting down exim: [ OK ]
Shutting down antirelayd: [FAILED]
Shutting down spamd: [ OK ]
Starting clamd: [ OK ]
Starting exim-26: [ OK ]
Starting exim: [ OK ]
Starting exim-smtps: [ OK ]
Starting antirelayd: Cannot find the maillog at /usr/sbin/antirelayd line 26.
[FAILED]
Starting spamd: [ OK ]
View 2 Replies
View Related
Jun 20, 2014
I facing a serious problem with my qmail and plesk 11.0.9.I found the way spammer did with my server by listening everything on port 25. Maybe he know the RCPT hosts of mine, and they send emails with random username but with domain hosted on my Plesk. (user1@mydomain.com, user2@ my domain.com, ... userxxx@mydomain.com).
qmail only check domain in RCPT if spammer input:"mail from user1@mydomain.com" - (with out ":") - no email address on my server.then server reply: 550, no mailbox here by that name. (#5.7.17)
But qmail check username and domain if spammer input:""mail from: user1@mydomain.com" - (with ":") - no email address on my server. Then server reply: 250 OK..This is really weird! I tried with all my plesk server, this bug still effected.Click to expand...
View 2 Replies
View Related
Aug 17, 2014
I'm working with OS CentOS 6.4 (Final) Panel version 11.0.9 Update #61 and using qmail as my default mail server.
Now I checked my maillog (/usr/local/psa/var/log/maillog) but It didn't maintenance daily as usual.
View 12 Replies
View Related
Mar 31, 2015
Plesk 12 is used, latest #MU on CentOS 6.5 final.
Maillog is full of messages like:
Mar 31 14:56:52 hosting plesk sendmail[1177]: _mh_fork(): Error occured during waiting the child process with pid: 1178: No child processes
Mar 31 14:56:52 hosting plesk sendmail[1177]: Error during 'check-quota' handler
Mar 31 14:56:52 hosting plesk sendmail[1177]: Unable to get sender domain by sender mailname
[Code]....
View 1 Replies
View Related
Sep 28, 2014
I have a server in my house. My IP local is 192.168.1.61 and i have other ip static public. I can view my domain and one subdomain, but i don't view other subdomain and webmail.
View 1 Replies
View Related
Jul 28, 2014
I changed the Administrator view to Power User. How to change back?
View 5 Replies
View Related
Aug 19, 2014
I have a Cloud VPS with 1and1 and Plesk is installed on it. I happen to have a VPS view that doesn't include DNS functionality for the domains.
So, i have added domain to the system, create an email address... because i dont see on how i can manage DNS settings I have set up cloudflare and pointed domain to the cloudflare and cloudflare is pointing to server.
so I have email: me@domain.com
on cloudflare i have:
A domain @ IP
A www @ IP
CNAME mail @ domain
MX 10 mail.domain
In plesk i have set up an alias, mail.domain for domain, that has access to email.
I go to the network-tools.com to look up me@domain.com:
[Resolving mail.domain...]
[Contacting mail.domain [IP]...]
[Timed out]
View 3 Replies
View Related
Sep 11, 2014
I just installed Plesk 12 Web Admin Edition, installed and activated all licence keys and everything works fine.The only thing, I can't find the "Service Provider View" in the Interface Settings, there is only a "Power-User" view provided, even I've selected the Service Provider View during Plesk Setup, I was moved to the Power User view and now I can't switch the interface.I am really missing the server health monitoring from this Service Provider View like got it on all other servers I have.
View 4 Replies
View Related
Dec 2, 2014
I have a Plesk 11.5 server that someone made changes to in IIS to allow web site users to turn the sending of detailed error messages on and off from a web.config file. Unfortunately now none of the sites will send detailed error messages to the browser no matter what is done. The person that made the changes to IIS did not document them properly and cannot tell me what exactly they changed. None of the obvious settings have made an effect on the problem.
View 1 Replies
View Related
Jun 18, 2014
We are unable to change the view to service provider in plesk12. Only power panel seems to show up.
Tried to do a bootstrap repair but that hasn't fixed it.
View 3 Replies
View Related
Oct 15, 2014
I imported backups in Plesk 12 from Plesk 9.5.4.
I can access 4 out of 5 domains in my subscritions, but one domain dosn't appear in the list.
The 4 working domains are "Default Domain", the one i can't access is "unlimited".
In the list of packages i can click on the number of subscriptions and see the domains, but if click on the 1 unlimited subscription nothing gets listed / no elements found.
The domains is online, but i can't access it with plesk.
View 1 Replies
View Related
May 26, 2015
The APSC database was corrupted, so i used :
/usr/local/psa/bootstrapper/pp11.5.30-bootstrapper/bootstrapper.sh repair
to repair the databases. Worked, but give me the error
"Table 'aps_resource' doesn't exist"
One more time, i recover this table from the newest backup existing. But now, give the error " Can not find registry resource for Application ID" for one domain - I have 3 domains, 2 are working, one not.
View 3 Replies
View Related
Jul 14, 2015
I have just installed a new Cloudlinux 6.6 Plesk 12 box but am unable to find the additional PHP versions as shown in the attached image.
I'm on update #55.
I'd prefer to use Plesk's built-in PHP versions instead of the Cloudlinux ones.
View 4 Replies
View Related
May 15, 2014
I cannot find my files after deploy war files..
I need to create a directory after unpacking war file process..
I need to know where is my files in server..
View 1 Replies
View Related
Jun 25, 2014
I'm migrating from Plesk 9.5 (Centos 5) to Plesk 12 (Centos 6).I found this in the migration.log file: [24124]: 2014-06-25 14:27:20 DEBUG Unable to find 'pigz', trying 'gzip'
I've installed pigz from Plesk repository and I can execute pigz in the shell, but definitely Plesk Panel doesn't use pigz.I tried with pigz from EPEL repo and the log showed the same error. I also tried to move the binary from /usr/bin/pigz to /bin/pigz and It didn't work.I'm interested in using Pigz to improve the speed of migration and backup.
View 4 Replies
View Related
Oct 6, 2014
I have completed email set up on my server and have checked that email ports are open, but for some reason outlook keeps returning : "Outlook cannot find the server. Verify the server information is entered correctly in the Account Settings, and that you DNS settings in the Network pane of System Preferences are correct."
The odd thing is that outlook still picks up emails if I receive any, but keeps returning above error every minute.
View 1 Replies
View Related
May 24, 2015
I just migrated a bunch of domains from plesk 11.5. Everything appears to be working well however when examining the maillog, I am seeing some strange errors... In this example, the message was delivered and had the spamassassin stuff in the header.
spamd: handle_user unable to find user: 'jason@xxxxxxp.com'
View 4 Replies
View Related
Nov 18, 2014
When you perform a migration, Plesk gives me this error. For more I search, I find what may be the cause.
Error: Unable to find domain with name 'e-domain.com'[2014-11-18 19:41:31] ERR [panel] exception 'PleskObjectNotFoundException' with message 'Unable to find domain with name 'e-domain.com'' in /usr/local/psa/admin/plib/Domain.php:950
Stack trace:
#0 /usr/local/psa/admin/plib/backup/Conflicts/PleskDataManager.php(1278): Domain::getByName('e-domain.c...')
#1 /usr/local/psa/admin/plib/backup/Conflicts/Resolver/UnfitSettingsResolver.php(500):
[Code] .....
View 1 Replies
View Related
Apr 27, 2015
I have formatted my server and tried to install PLESK 11.5 (I have my license every thing). But after I start to install with current AutoInstaller there is only PLESK 12 to be chosen.
How can I install my PLESK 11.5 BACK with Current AutoInstall? Is there anyway to have an option to install 11.5 in the Installation Selection?
View 1 Replies
View Related
Oct 16, 2014
We are running the latest Plesk 12 under CentOS 7.
While I can see the App Owncloud as Admin in the Application Vault my users cannot see that particular app in their Application pool. They can see all other apps though. Just not Owncloud.
All resellers and customers are allowed to install everything from the pool and i selected Owncloud in the Vault already and "made it available" .. Though it is not shown.
View 7 Replies
View Related
Aug 25, 2014
On a couple of domains I get this error if I click on the domain in the domains option or in the Subscriptions list.
Unable to find row by field login with value domain.com in smb_users table.
How can I fix this?
View 1 Replies
View Related
Feb 1, 2009
I have a web blog that shows promise of growing pretty big soon! This is a vbulletin whith chatbox and arcade games. The forum is for gamers and game modification talk. I want to keep my features such as in forum mp3 player for streaming music. I host no files everything is linked from outside sources. Even photos are linked from photo hosts. I forsee about 20-30 members on at all time browsing and chatting in chatbox. Playing in the online arcade!
I have no idea how much bandwidth all this will use up. I do know that 20-40 gig of space should be quite enough but as always I want all I can get. As far as bandwidth I have no idea what all those features will eat up.
I have looked at fatcow.com and talked to them they said their unlimited is this 300gig space 3000 gig bandwidth and they do not keep up with msql databases. I looked on BBB and they have an A+ record if compared to hostgator they have unsatifatory! The only problem is they are yearly contract only. I do not trust this! I also have to let them re-bill me at end of year and this gives them access to my account. The payment options are check,paybal, or credit.
View 9 Replies
View Related
Oct 31, 2009
I found a spam script running in the processes under apache as ky.pl. But no matter how
I search I can't seem to find this file, anyone know what is the procedure?
View 3 Replies
View Related
Mar 27, 2009
I have a dedicated server, the server itself is secure (as far as I know) and I run lots of my sites from it. I offered a friend hosting for his flash based chat application he built.
Today I was contacted by someone; "Are you the owner of xxxx.net?" so I informed that yes, it was my server and they then showed me an email they'd received from my server. I did a search and apparently someone uploaded mail.php and a couple of files it was using to send out spam based upon a variety of conditions that the other files met. The files contained forenames and surnames, it'd use a forename and a surname then send it to popular free mail services. The email contained ramblings about new world order and promoted a website.
How can I find out how they got the files uploaded to the account and what action can I take? I checked the whois for the domain and have their contact information, however it's a large site so I'm doubtful that the owner did it. I don't want my servers IPs being blacklisted for spam :|
View 3 Replies
View Related
Jun 30, 2014
When trying to access the settings for mail on a domain I get the following error:
Error: Unable to find service node for ip address with id=6
I understand this is a problem with the database but I am not sure where to look to fix it.
I only have 4 IP addresses on the system.
View 2 Replies
View Related
Mar 14, 2008
Not far ago somebody hacked our customer account through the vulnerability in phpBB Album module and uploaded some scripts. Then it started to send nigerian spam using exim and apache. These scripts were found and deleted and the Album module was fully deleted too. But when I look at the processes now I see that exim and httpd still start very often so the system resources are probably overused by them ......
View 7 Replies
View Related
Jun 25, 2015
I have Spam in the Mail Queue.
How can I detect, where it come from, or how can I avoid it ?
View 3 Replies
View Related
Apr 3, 2015
Today in a plesk 12 with mail control (20 mails per hour per mailbox) a spammer stole a password of a mailbox and send nearly 1000 mails in two hours.
How can it is possible? Also in the stats I see 0 mails sent. In the logs (var/log/mail.log) I see the spam wast sent from a mailbox...
View 8 Replies
View Related
