Good afternoon all. I have been using this control panel since Zpanel 6 early days. I'm running Sentora on Ubuntu 14.04 server. For the second time in a month, my VPS hoster has stopped the mail service on my node because the server seems to be getting hacked and used a relay agent. I am not the smartest person when it comes to dovecot, postfix, and Linux security, but am really trying to learn.
I have tried many things to stop this; including learning and using IPtables. I currently only allow the following ports in OR out: 80, 143, ssh, ftp, imaps, pop3s, smtps (587) and DNS. I also have postfix setup to where you cannot send email unless you authenticate with a valid email account that is on the server.
I am not sure what else to do. My mailqueue shows i have 2,100 pending deliveries (which i have cleared). Earlier this month it was over 103,000. The email address they show to be sending from is a valid email account on the server but is only used for internal things. Any help would be great appreciate it. Not sure what logs/config files you would want to see. So, if you need to see something, just let me know.
Thanks in advance!!
I have tried many things to stop this; including learning and using IPtables. I currently only allow the following ports in OR out: 80, 143, ssh, ftp, imaps, pop3s, smtps (587) and DNS. I also have postfix setup to where you cannot send email unless you authenticate with a valid email account that is on the server.
I am not sure what else to do. My mailqueue shows i have 2,100 pending deliveries (which i have cleared). Earlier this month it was over 103,000. The email address they show to be sending from is a valid email account on the server but is only used for internal things. Any help would be great appreciate it. Not sure what logs/config files you would want to see. So, if you need to see something, just let me know.
Thanks in advance!!
