Go Back   cPanel Forums > cPanel® and WHM® (for Linux® and FreeBSD® Servers) > Mail
Email - Webmail Attack Email - Webmail Attack
Register FAQ Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 09-09-2009, 07:49 PM
Registered User
  
Join Date: Jul 2007
Location: Chile - SCL
Posts: 18
bhstudios is on a distinguished road
Exclamation Email - Webmail Attack
Hi, i've been having this problem since about 3 weeks now, and can't figure out what's going on.
Random domains from different customers and random email accounts from that domains have been sending out spam random as well.
Mail headers going out looks like this:

1MlXPY-0000TM-7F-H
mailnull 47 12
<xxx@xxxxxxxxx.com>
1252542076 0
-helo_name webmail.xxxxxxxxxxx.com
-host_address 127.0.0.1.45815
-host_name localhost
-host_auth fixed_login
-interface_address 127.0.0.1.25
-received_protocol esmtpa
-body_linecount 37
-max_received_linelength 83
-auth_id xxxxx@xxxxxxxxxxx.com

Even it looks like its been authorized by the user it's not, and we know that because we even had that trouble with a domain of our own, we even changed the password of the email account and problem continued.

What could be happening? Thanks,
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 09-10-2009, 10:54 AM
cPanelMattCurry's Avatar
cPanel Staff (Administrator)
  
Join Date: Aug 2009
Location: Houston, Tx
Posts: 274
cPanelMattCurry is on a distinguished road
Email - Spam attack
Hello,

I am sorry to hear that. You may want to go ahead and submit a ticket so we can look at this as soon as possible. This may be some malicious code, and it is not going to be something we could troubleshoot from the forums. Please let me know if you have any other problems.

Thank you,
Matthew Curry
__________________
If you desire technical assistance from our staff, please let our technical analysts take a look at your server for you. You can do this by submitting a support ticket at http://tickets.cPanel.net/submit
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 09-11-2009, 05:32 PM
Registered User
  
Join Date: Jun 2003
Location: Belgium
Posts: 170
krisdv
Im having the exact same problem, what was the root cause for you?

Regards,
Kris
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 09-19-2009, 05:49 PM
Registered User
  
Join Date: May 2003
Location: Boston, MA USA
Posts: 29
ElrondBCN
I too am having this exact same problem where mailnull is sending out spam.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

Tags
attack , mail , spam , vulnerability , webmail

« [Roundcube] logout error | Horde error after UPCP ? »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Email forwarding outside of webmail gareth_roberts cPanel and WHM Discussions 0 03-23-2007 07:33 AM
under email attack! Radio_Head cPanel and WHM Discussions 0 11-07-2006 06:29 AM
I am getting hit with a distributed dictionay email attack EdRooney cPanel and WHM Discussions 17 09-14-2006 09:05 AM
Email attack on a client..need help damainman cPanel and WHM Discussions 8 03-25-2004 07:07 AM
email not appearing in webmail Fillos cPanel and WHM Discussions 0 02-26-2004 09:53 AM


All times are GMT -5. The time now is 04:52 AM.


Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
© cPanel Inc