Project InfoSponsor & PartnerInstalling ispCPFAQDocumentationDevelopment
Current time: 05-04-2024, 12:39 AM Hello There, Guest! (LoginRegister)

ispCP - Board - Support / ispCP Omega International Area / German Corner v / spamproblem - hilfeee

Post Reply 
spamproblem - hilfeee
Author Message
fulltilt Offline
Member
***

Posts: 1,225
Joined: Apr 2007
Reputation: 5
Post: #1
spamproblem - hilfeee
habe seit heute hier ein seltsames spamproblem (alles überr cn IPs)
habe den emailuser gelöscht, das web gesperrt und es geht trotzdem weiter, hier einige infos aus den logs:
noname.tld steht hier für die echte domain

Code:
Von     =?pH62?B?ztLDx7a81NrV4rXIxOO1xLzTyOsxNzo1MDoxMQ==?= <info@noname.tld>
Zu
Datum     Sun, 22 Jul 2012 17:50:15 +0800
Betreff     =?pH62?B?ztLDx7a81NrV4rXIxOO1xLzTyOsxNzo1MDoxMQ==?=

Jul 22 11:59:48 sr01 postfix/virtual[14743]: BC66B314A087: to=<info@noname.tld>, relay=virtual, delay=0.01, delays=0.01/0/0/0, dsn=5.1.1, status=bounced (unknown user: "info@noname.tld")

Code:
Received     from bds (unknown [58.221.55.152]) by w01.my
servername.com (Postfix) with ESMTPA id D11E2314A06B; Sun, 22 Jul 2012 11:36:45 +0200 (CEST)
Message-ID <AB43669E5341D7E477573D1D5D2ECA21@bds>
From ¿´¿´ÎÒµÄÇ°Å®ÓÑ-- <info@noname.tld>
To
Subject ¿´¿´ÎÒµÄÇ°Å®ÓÑ--17:36:42
Date Sun, 22 Jul 2012 17:36:44 +0800
MIME-Version 1.0
Content-Type text/html; charset="gb2312"
Content-Transfer-Encoding base64
X-Priority 3
X-MSMail-Priority Normal
X-Mailer Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE Produced By Microsoft MimeOLE V6.00.2900.5512[code]
dieser account ist gelöscht, trotzdem loggt er sich ein:
4B421314A082: client=unknown[112.67.124.73], sasl_method=LOGIN, sasl_username=info@noname.tld
(This post was last modified: 07-22-2012 08:38 PM by fulltilt.)
07-22-2012 08:09 PM
Find all posts by this user Quote this message in a reply
ephigenie Offline
Project Leader
*******
Administrators

Posts: 1,578
Joined: Oct 2006
Reputation: 15
Post: #2
RE: spamproblem - hilfeee
just seems as if the credentials are cached somewhere still. Did you try restarting imap ?
Also it seems as if your /etc/postfix/ispcp/domains , sender-access not contain the actual data.
Can you pls take a look if info@noname.tld still exists in there ?

If you use courier for imap/pop3 they retrieve the login data from mysql - so please also check with PMA if they still exist there.
07-24-2012 03:56 PM
Visit this user's website Find all posts by this user Quote this message in a reply
fulltilt Offline
Member
***

Posts: 1,225
Joined: Apr 2007
Reputation: 5
Post: #3
RE: spamproblem - hilfeee
ja, /etc/postfix/ispcp/domains , sender-access stimmt alles ... sämtliche mail dienste neugestartet und ssl zertifikate neu erstellt ...
ich habe ja diese mailadresse gelöscht und sonst ist sie nirgends vorhanden,
habe nun eine zusätzliche sender-check eingebunden und die mailadresse info@noname.tld auf reject gesetzt, das klappt zwar aber das eigentliche problem ist nicht gelöst:
Code:
Jul 24 14:15:49 sr01 postfix/smtpd[25870]: NOQUEUE: reject: RCPT from unknown[183.130.81.2]: 554 5.7.1 <info@noname.tld>: Sender address rejected: Access denied; from=<info@noname.tld> to=<546426300@qq.com> proto=ESMTP helo=<md>
Jul 24 14:15:49 sr01 postfix/smtpd[25870]: lost connection after RCPT from unknown[183.130.81.2]
Jul 24 14:15:49 sr01 postfix/smtpd[25870]: disconnect from unknown[183.130.81.2]
Jul 24 14:15:50 sr01 postfix/smtpd[28386]: connect from unknown[183.130.81.2]
(This post was last modified: 07-24-2012 10:25 PM by fulltilt.)
07-24-2012 10:25 PM
Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | isp Control Panel ( ispCP ) | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication