many messages from ymail.com

[upsforum]

I can block these messages?

Event:	failure error
User:	username
Domain:	virtualhost
Sender:	[email protected]
Sent Time:	Aug 6, 2013 1:33:13 PM
Sender Host:	localhost
Sender IP:	127.0.0.1
Authentication:	dovecot_login
Spam Score:	
Recipient:	[email protected]
Delivered To:	
Delivery User:	
Delivery Domain:	
Router:	lookuphost
Transport:	remote_smtp
Out Time:	Aug 6, 2013 1:33:13 PM
ID:	1V6fVd-0001Tv-Kj
Delivery Host:	mta6.am0.yahoodns.net
Delivery IP:	63.250.192.46
Size:	1.81 KB
Result:	SMTP error from remote mail server after end of data: host mta6.am0.yahoodns.net [63.250.192.46]: 554 delivery error: dd This user doesn't have a ymail.com account ([email protected]) [0] - mta1651.mail.gq1.yahoo.com

 

[cPanelMichael]

Hello

It looks like that is a bounce message coming from Yahoo. It indicates the email account sent to does not exist. You can ensure this message does not bounce by not sending emails to that email address. If the message was sent to Yahoo by a spammer, you may find the following document useful:

cPanel - Prevent Email Abuse

Thank you.

 

[upsforum]

I applied the rules on "cPanel - Prevent Email Abuse" but today I have same problem, you can see attach screenshot, exim conveys too many of these messages with [email protected] like sender

attachment: /https://docs.google.com/file/d/0B5E_-_2tuhrVMHVtZkVfVVRfOUk/edit?pli=1

 

[cPanelMichael]

Could you clarify if you are stating that your server is being used to send email with "Ymail.com" as the "from" address? If so, you should be able to determine the username that is sending this email in the delivery event details of the image you provided. You can search this account for scripts with the ability to send email, or suspend the user if they are spoofing the from field through an external email client.

Thank you.

 

[upsforum]

is possible that this email account have a vulnerable password? I tried change password, I wait and see what happens tomorrow

 

[upsforum]

I read this short tutorial and I think that good for me ;-)

How to check whether email accounts have been compromised | Nazeem's Tech Blog

thank you Michael for your suppport

 

[cPanelMichael]

is possible that this email account have a vulnerable password? I tried change password, I wait and see what happens tomorrow

It's possible, but it's also possible there is a script that is capable of sending email on this account.

Thank you.