This question has been archived.

My droplet is compromised and sending out spam.

May 6, 2015 1.9k views
Firewall Security LEMP

I have received message from Admin:

We've detected the following spam being sent from your Droplet:


Received: from [] by <removed> via sendmail with smtp;
for 1 recipient; Fri, 01 May 2015 20:57:42 -0000
Received: from vacinu (unknown [])
by (Postfix) with ESMTPA id BCFCD139F00;
Fri, 1 May 2015 16:51:07 -0400 (EDT)
Message-ID: <removed>
From: Info
To: <removed>
Subject: Fffd hi!
Date: Fri, 1 May 2015 12:37:10 -0700
MIME-Version: 1.0
Content-Type: text/plain;
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
Importance: Normal
X-Mailer: Microsoft Windows Live Mail 14.0.8089.726
X-MimeOLE: Produced By Microsoft MimeOLE V14.0.8089.726

As a result, we've temporarily blocked mail traffic.

I'm a newbie. I don't know why. After that, I have been set up ssh key, UFW firewall. Are there any security problem ? How can I solve SMTP problem ? Please help me!

Be the first one to answer this question.