Knowledge Base

How to identify spam source on Plesk for Windows Server

 
emaillinuxmailnetworkphp

Question

Many email messages are being sent using PHP scripts from a Plesk server. How to find spamming subscriptions?

Answer

  1. Connect to the Plesk server via RDP.

  2. Download Process Monitor utility.

  3. Run Procmon.exe.

  4. Configure filter to show only TCP packets which are sent on port 25 of a local server: Download this Process Monitor configuration file and import it to Process Monitor at File > Import Configuration....

  5. Make sure only network activity is enabled in the settings bar (enabled by default).

    1.png

  6. Wait for the entries to start being logged as on the following screenshot:

    Click on the image to enlarge
    Process Monitor

  7. Identify the spamming subscription by analyzing the output of the User table. In the example above, 'testtld' user represents the subscription 'test.tld'

Additional Information

Read the full article
Related Posts
Knowledge Base

Hosting Wiki

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY

© 2024 WebPros International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of WebPros International GmbH.

Managed with love with Plesk WP Toolkit