Hi Everyone,
I need some help. I believe there is someone put a spam email script on my server, but I am not where that is. Need some help to figure out where it is.
Mail server: postfix Server: Ubuntu HHVM Nginx
Any help would be appreciated!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Click below to sign up and get $100 of credit to try our products over 60 days!
Try to use tcpdump command to capture the traffic especially the mail server ports like 110 - 25 … (depends on your service you provide) then analyze the captured traffic and block the inappropriate sources with iptables.
Examples of commands just to get started:
Block the traffic from specific source