Find spam activity in Plesk (Postfix)
This post helps you to find spam activity in Plesk. Plesk supports two Mail Transfer Agents (MTA). They are Postfix and Qmail. The newer versions of Plesk installed with Postfix mail server by default.
I have already written a post about Useful Postfix commands. You can see that thread before proceeding. Also, to identify the spam source in Plesk, you need to follow the below steps.
1. Create /usr/sbin/sendmail.postfix-wrapper script:
You can use your favourite editor to create the script. I am using VIM here.
Add the following into it.
#!/bin/sh (echo X-Additional-Header: $PWD ;cat) | tee -a /var/tmp/mail.send|/usr/sbin/sendmail.postfix-bin "$@"
2. Create a log file
touch /var/tmp/mail.send chmod a+rw /var/tmp/mail.send
3. Set the executable permission for the wrapper script
chmod a+x /usr/sbin/sendmail.postfix-wrapper
4. Rename the sendmail.postfix script and link it to the wrapper script
mv /usr/sbin/sendmail.postfix /usr/sbin/sendmail.postfix-bin ln -s /usr/sbin/sendmail.postfix-wrapper /usr/sbin/sendmail.postfix
Wait for some time (10 minutes to 60 minutes) and check the log file /var/tmp/mail.send. Also, revert the sendmail.postfix script back.
rm -f /usr/sbin/sendmail.postfix mv /usr/sbin/sendmail.postfix-bin /usr/sbin/sendmail.postfix
To find the spam originating directory, run the following command:
grep X-Additional /var/tmp/mail.send | grep `cat /etc/psa/psa.conf | grep HTTPD_VHOSTS_D | sed -e 's/HTTPD_VHOSTS_D//' `
The above command will show you the spam originating directory consisting of the problematic PHP script.
- How to change IP of all domains in Plesk
- How to backup and restore Plesk Database
- Enable statistics on all domains in Plesk
- How to recalculate statistics for a domain on Plesk
- How to Install ImageMagick on Plesk Server
- Block outgoing email of a domain in Plesk – Postfix
- Install APF on Plesk or CentOS
- How to enable Gzip compression on Plesk – Nginx
- How to enable Gzip compression on Plesk – Apache
- How to list domains in Plesk server
- Find email account password in Plesk
- Change outgoing mail server IP address in Plesk
If you like this post and wish to receive more articles from us, please like our FB page: GrepItOut
Your suggestions and feedbacks will encourage us and help to improve further, please feel free to write your comments.
For more details on our services, please drop us an E-mail at firstname.lastname@example.org