Mass email problem

[bas1968]

I had today on 2 servers the same problem that a person gets access to a mail account of 1 of our customers and use our server sending tons of emails. in both cases it was the same person / computer sending this emails.

Here is the header information:

1RLJY7-0005pQ-Fh-H
mail 8 12
<[email protected]>
1320173943 0
-helo_name Veloster2-PC
-host_address 200.103.125.138.58465
-host_name 200-103-125-138.gnace704.dsl.brasiltelecom.net.br
-host_auth login
-interface_address 208.110.83.54.25
-received_protocol esmtpa
-body_linecount 17
-auth_id [email protected]


I hope somebody can help me to solve this problem.

 

[zEitEr]

With that input data how can we help you? If you need a person, who would access your server with SSH and do all necessary works, feel free to send me a PM for a quote, I'll be glad to help you.

 

[machinecode]

I have same problem. How can we resolve this?

 

[zEitEr]

Hire somebody (me for example).

 

[NoBaloney2]

I had today on 2 servers the same problem that a person gets access to a mail account of 1 of our customers and use our server sending tons of emails. in both cases it was the same person / computer sending this emails.

If by access to a mail account you mean they've gotten a password, then of course change the password to one of at least ten characters, using at least one capital letter (for example A as opposed to a), and one or more numerical digits.

If you mean there's a compromised php or other software on the account, update it or remove it.

Then update DirectAdmin to the latest version, and read this for steps to take to limit email sending from your server.

Jeff