Skip to main content

Spam Sent Directly to mailer-daemon@myServer

Comments

3 comments

  • cPanelMichael
    Hello :) Could you post the message header of one of those messages (replacing actual domain names and IP addresses with examples)? Thank you.
    0
  • toolsmythe
    Sorry for the delay in posting a response. I was either never notified of your post or (more likely) missed it. Anyway, here is a sample header you requested:
    Return-path: Envelope-to: mailer-daemon@my.redacted.server.name Delivery-date: Wed, 26 Nov 2014 05:12:00 -0700 Received: from [120.59.142.241] (port=29519 helo=admin.domain) by my.redacted.server.name with smtp (Exim 4.82) (envelope-from ) id 1XtbRw-0004S1-C5 for mailer-daemon@my.redacted.server.name; Wed, 26 Nov 2014 05:12:00 -0700 Message-ID: <4038567a2b13317854d305b715ef59ec@domain.net> From: To: Subject: =?utf-8?B?0Y8g0L/QvtC00L7Qs9C90LDQuyDRgdCy0L7QtdC80YMg0YDQtQ==?= =?utf-8?B?0LHQtdC90LrRgw==?= Date: Wed, 26 Nov 2014 17:40:58 +0530 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="04504d4297a262bfa50f19ef000d7770"
    I redacted my server name. Otherwise the header is unaltered. It's a different domain every time. The message itself is always in Russian. I expected this to stop after time. It has remained steady. Any help would be appreciated. Thanks! JP [COLOR="#D3D3D3"> - - - Updated - - - Here's a second one because variety is the spice of life ...
    Return-path: Envelope-to: mailer-daemon@my.redacted.server.name Delivery-date: Wed, 26 Nov 2014 04:52:02 -0700 Received: from [116.203.66.210] (port=54778 helo=prashant-pc.domain) by my.redacted.server.name with smtp (Exim 4.82) (envelope-from ) id 1Xtb8b-0004AF-9C for mailer-daemon@my.redacted.server.name; Wed, 26 Nov 2014 04:52:02 -0700 Message-ID: <75eee0349b9102ae34f6e3c2125d8f94@domain.net> From: To: Subject: =?utf-8?B?0Y8g0LrRg9C/0LjQuyDRgdCy0L7QtdC80YMg0YHRi9C90YM=?= Date: Wed, 26 Nov 2014 17:21:48 +0530 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="3bac391d20d67b1c04855b6900072420"
    Thanks again. JP
    0
  • cPanelMichael
    Email for "root" is forwarded, so you could setup a filter for the email account that is used for mail forwarded from "root" that deletes these messages. Thank you.
    0

Please sign in to leave a comment.