Spam sent by admin of site

[Herrie]

L.S.,
I am a webmnaster of 2 sites, sites under Joomla 1.5 (26). Yes I know I should upgrade, but haven't had time nor opportunity.
Recently sites are sending massive email, using this:

Time	Sender	Authentication	Sender Host	Size	Destination	Path	ID
Apr 29 00:52	[adminname]@temp.[hostname].net	[adminname]		449 B	[email][email protected][/email]	/tmp	1WeuPr-00032j-IY

I hope this copy makes sense.
I am not an administrsator of the Host. So I cannot change anything above my level.

Is there a way to bloch this for all times?

Changeing password was not very helpfull. I have a suspicion something on my laptop was stealing my credentials..

According to my host the @temp.[hostname].net is used when there is no sender known.

Mails in the directory mail/new contain this in their header:
Received: from mail by temp.[host].net with local (Exim 4.82) id 1Wf9Xu-0002pu-Tz for dethee@temp.[host].net;

I am really looking forward to a solution.

Y.t
Harry Betlem

 

[nobaloney]

Your site administrator is a valid sender. Your program (perhaps hacked) is sending out emails as the site admin.

You have two choices I can think of; maybe others.

Fix your code.

Ask your host to block all outgoing emails from the site admin (which they may or may not be able or willing to do, and which, even if they do it, may break some site functionality).

We're not Joomla admins here, but perhaps someone on a Joomla site may be willing to help you.

Updating your site software would be a good first step.

Jeff

 

[vancanneyt]

Joomla 1.5.x series has the "end of life" status, so there is no support for it and no security patches since september 2012. This means these installations can be easily hacked and a migration is needed to make the switch to Joomla 2.5 (the current long term support release) or the Joomla 3.X series (short term support release).
The procedure to upgrade is not easy and also depends on the 3rd party extensions that the site had installed. The Jupgrade component makes it easier but still custom templates have to be edited to comply with the newer code standards and also overrides are handled in a different way plus not all components where updated to be compliant with 2.5 or changed in such way upgrading from 1.5 is not possible (developers are dropping support for this old version). Also, you can not migrate to 3.x series because of the many changes, the migrator will migrate many, but not all, data to Joomla 2.5.x series and from then you can use the integrated joomla updater to jump to the 3.x series.

But first it's good to clean up the scripts that caused the SPAM that's being send. Apache usage logs can tell which scripts are being executed, also recently in directadmin you can go to the filemanager and go to the folder .php to find out what mails where send through php and what script executed it. But you still need to migrate the 1.5 Joomla site because the spam problem can occur again fast.