The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Warning: Be careful when checking your mail queue in WHM

Discussion in 'E-mail Discussions' started by damainman, Sep 14, 2004.

  1. damainman

    damainman Well-Known Member

    Joined:
    Nov 13, 2003
    Messages:
    515
    Likes Received:
    0
    Trophy Points:
    16
    Today I decided to check the "Manage Mail Queue", and there was a email message in it. I went to view the message, and the next thing i know a Norton messaged popped up saying I received a virus.

    According to Norton the virus was saved in my internet cache " C:\Documents and Settings\damainman\Local Settings\Temporary Internet Files\Content.IE5\T0QNM2OT\vieweximmsg[1].htm"

    And the name of the virus was: W32.Netsky.P@mm!enc - http://securityresponse.symantec.com/avcenter/venc/data/w32.netsky.p@mm!enc.html
     
  2. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    Thanks for the heads up!
     
  3. BrightAdmin

    BrightAdmin Well-Known Member

    Joined:
    Feb 29, 2004
    Messages:
    204
    Likes Received:
    0
    Trophy Points:
    16
    Dear damainman,

    Thank you so much for your kind info.

    Regards,
    BrightAdmin :)
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Yup, get those all the time checking the mail queue - a decent uptodate virus scanner is a must (on Windows, anyway).
     
  5. cguimont

    cguimont Well-Known Member

    Joined:
    Jul 13, 2004
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    I hope you are not hosting some private website because I would k*ll you for looking at my mails in the queue... Privicy violation
     
  6. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    :rolleyes: Sometimes that is unavoidable when maintaining a server while troubleshooting and should be something you know if you're administering a server.
     
  7. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    We also saw quite a few of these, what a royal pain. But like said, an up-to-date virus scanner is a like saver
     
  8. The MAzTER

    The MAzTER Well-Known Member

    Joined:
    Jul 3, 2003
    Messages:
    106
    Likes Received:
    0
    Trophy Points:
    16
    you shoudnt read customers e-mail :cool:
     
  9. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    Anyone running a server who never checks the mail in the queue, isn't doing a full server admin job.
     
  10. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    For us it was actually going to one of our own accounts, and as others stated, proper sysadmin of a server warrants it sometimes.
     
  11. cguimont

    cguimont Well-Known Member

    Joined:
    Jul 13, 2004
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    True, but that doesn't mean that you need to open it to check.
    Just looking at the queue and looking where it's going is enough.
     
  12. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    That's true. I rarely look at the actual emails, but there are occasions when I feel it necessary to do so. Especially if it has multiple to addresses.
     
  13. damainman

    damainman Well-Known Member

    Joined:
    Nov 13, 2003
    Messages:
    515
    Likes Received:
    0
    Trophy Points:
    16
    The only reason i checked the mail queue is because a client of mine, had a message board that was sending him alerts to two of his outdated email accounts which didn't exist. The emails would bounce back to us. We notified him of this, and i was just checking the mail queue to make sure his emails weren't filling it anymore.

    However the email i checked was actually a email to his email account on the server which was valid. Anyway checking our records, we now know that theres somesome emailing him multiple viruses and all from the same IP range but with different email addresses. We temporarily blocked the IP range, and he hasn't received anymore viruses.

    We would've never been fully aware of this situation the client was having, if i didn't check the mail queue, get infected, and start investigating :).

    Also for the record, i believe in privacy and would never spend my day or even 2 secs checking everyones emails. The only time we go into the email queue is when we are investigating a potential mail problem.
     
  14. nzservers

    nzservers Well-Known Member

    Joined:
    Oct 27, 2002
    Messages:
    81
    Likes Received:
    0
    Trophy Points:
    6
    sysadmins of linux using MS?? lol

    use linux then you can open those damn virus mails (to make sure they are virus) and delete them.

    it's only a privacy issue if you read a legit mail and share it's contents around, for the purpose of keeping virus (and some spam) from staying on the q for days and loading up the server it's good practise to delete them.
     
  15. trparky

    trparky Well-Known Member

    Joined:
    Apr 23, 2003
    Messages:
    184
    Likes Received:
    1
    Trophy Points:
    0
    Not always the case man.

    If there is an email message in the queue that has more than 10 to 20 email addresses that it is going to, a red flag goes up and I open it. Usually, it is spam, I read the headers, take the proper actions, then delete the message from the queue.
     
  16. Sheldon

    Sheldon Well-Known Member

    Joined:
    Jun 7, 2004
    Messages:
    378
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Canada
    'I hope you are not hosting some private website because I would k*ll you for looking at my mails in the queue... Privicy violation'



    to damn bad in my books...

    my server = I do what I want when I want..

    thats what a TOS, AUP, PP are for!
     
  17. nzservers

    nzservers Well-Known Member

    Joined:
    Oct 27, 2002
    Messages:
    81
    Likes Received:
    0
    Trophy Points:
    6
    don't be ridiculous, we are trusted to keep priviledged information to ourselves and it's not as if I read the users mail, I get enough of my own to plough through, all I do is see if it's a virus (top few lines), you get to know by the addresses and mail size what it is too.

    I'd hate to see the crap on your mail q that keeps using system resources trying to be delivered when it's gonna get rejected because it contains a virus.

    if you're gonna bitch about that you had better uninstall horde as the main user can read all the other users mail on that account.

    I have a nil mail q most of the time because I get rid of the crap that just isn't gonna get delivered.

    I've managed to reduce the q by blackholing returned mail to non existant domains but as you know real domains get used too and as yet I haven't found a way to not send the virus back. (too busy reading mail I guess) :eek:
     
Loading...

Share This Page