Author Topic: Possible compromized site and blacklisted IP  (Read 163 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Possible compromized site and blacklisted IP
« on: March 24, 2020, 03:32:00 PM »
Hi Guys. I have been having a rather annoying matter to deal with and will truly apprecaite any help. One of the account I imported from a cPanel system and it spammed the hell out of my server. I only realized when one of my customers reported that their emails are bouncing back with a Spamhaus blacklist message. I believe the recepient mailbox declined to recieve it due to the IP being blacklisted.

I found all those culprits thatnks to the Mail Explorer. I am attaching a screenshot below for better understanding. So I have since deleted the account in question and also switched off external port 25 communication and disabled PHP mail().

Could anyone help me to find out if it is possible to see if any new emails are getting generated? Is there a way to clear the mail explorer list so that I can see what new emails are getting created? Will really appreciate your help!

Screenshot: http://markinfinity.com/temp/mails.png