Joomla caused Spam. Now what?

kavouras

Registered
Jul 14, 2016
1
0
1
Athens
cPanel Access Level
Root Administrator
Hello there,

I am new here, so excuse me if I am posting in the wrong place.

I own a cPanel server with a few accounts that I administrate. Most of them are running Joomla + Virtuemart (all runing the same set of joomla, extensions, settings, etc)

About a month ago, I noticed that there were thousands of mails sent by fake addresses that looked like they were of our domains. I failed to find out which script caused this vulnerability, but after doing some research, I finally managed to stop these spam issues by changing SMTP settings etc. (no spam issues for the last 24hrs xD )

Now I face 2 problems:

1st) When a visitor reaches a contact page, any contact page of any site hosted, joomla or not, he gets error messages on Chrome like:

The site ahead contains malware
Attackers currently on [Removed] might attempt to install dangerous programs on your computer that steal or delete your information (for example, photos, passwords, messages, and credit cards).

Automatically report details of possible security incidents to Google. Privacy policy
Google Safe Browsing recently detected malware on Websites that are normally safe are sometimes infected with malware. The malicious content comes from realstatistics.info, a known malware distributor.

If you understand the risks to your security, you may visit this unsafe site before the dangerous programs have been removed.


2nd) My mail gate has been blacklisted due to the thousands of spam mails sent by attackers. What means, almost any message I sent is delivered to "Spam" folders of Gmail, Yahoo, Microsoft, etc. due to low reputation of my machine.

I have no idea how to fix these problems. Could you please assist me further ?

Thank you in advance.
 
Last edited by a moderator:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,883
2,256
463
Hello,

1. I believe Google allows you to request a status change at:

https://developers.google.com/webmasters/hacked/docs/request_review?rd=1

2. First, ensure you follow all of the steps at:

How to Keep your Email out of the Spam Folder

Next, if the issue persists, you will need to request delisting from each provider. Another option that might help is to order a new IP address and change the IP address used by Exim for sending email:

https://documentation.cpanel.net/display/CKB/How+to+Configure+Exim's+Outgoing+IP+Address

Thank you.