1 Topic by jlcmux

  • jlcmux
  • Member
  • Offline
  • Registered: 2014-11-17
  • Posts: 16

Topic: My server send spam.

==== Required information ====
- iRedMail version: iRedMail-0.8.7
- Mysql:
- Ubuntu 14.04:
- Related log if you're reporting an issue:
====

Hi.

i would like know if u can helme with the next problem:

i have my mail server and i have been reported in  differents black list for to send spam. i can look into about that and knew that my clients (windows with outlook) were in a botnet called "cutwail".

i would like to know who is in this botnet because i have 130 clients and i cant format 130 windows stations.

Is there a way to check the outgoing spam? And do you identify infected clients?.


Please help me.


PD:  Sorry for my english.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: My server send spam.

Check Postfix log file to figure out which client (IP address or SASL username) sent many spams.

3 Reply by jlcmux

  • jlcmux
  • Member
  • Offline
  • Registered: 2014-11-17
  • Posts: 16

Re: My server send spam.

ZhangHuangbin wrote:

Check Postfix log file to figure out which client (IP address or SASL username) sent many spams.


can i put spamassassin, amavis or other for check outgoing mails?.


Thank you..

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: My server send spam.

jlcmux wrote:

can i put spamassassin, amavis or other for check outgoing mails?.

It should be enabled by default. You should check Postfix log file first.

5 Reply by jlcmux (edited by jlcmux 2014-11-18 22:18:39)

  • jlcmux
  • Member
  • Offline
  • Registered: 2014-11-17
  • Posts: 16

Re: My server send spam.

ZhangHuangbin wrote:
jlcmux wrote:

can i put spamassassin, amavis or other for check outgoing mails?.

It should be enabled by default. You should check Postfix log file first.


Sorry.

would  can you show me one example of outdoing email in the log?..

thank you.

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: My server send spam.

Did you actually check any Postfix log content?
Usually, weak password is the weakest part of mail service. I suggest you force all users to use a strong password.

By the way, if you have iRedAdmin-Pro, it will show you top 10 senders/recipients in Dashboard, it will be helpful to figure out which email account sent many spams.