outgoing spam prevention / anti hack
Recently i found 50000 spam emails in the mail queue. It seems one of the websites got hacked (i am guessing through joomla plugin) and a encoded php script was installing that was sending spam like crazy. Even after enabling email limitation , it didn't actually say where these emails were coming from as the current implementation only lists email accounts and totally ignores scripts when listings (only when counting domains).
So.
- needs to scan for encoded php scripts
- needs to scan for folder privileges of cms systems
- in this link : https://[domain].com:8443/admin/outgoing-mail/list/type/subscription
needs to list in addition tot the subscriptions , script locations (php origin script) which sends email.
Anonymous
shared this idea
Thank you for your feedback!
Unfortunately, this request contains three different suggestions, and it’s not technically possible to properly handle them inside one request.
Please consider creating separate feature requests for each of the items below:
1. “needs to scan for encoded php scripts”
Please clarify the scenario you are asking about.
2. “needs to scan for folder privileges of cms systems”
We could consider the possibility of implementing this feature in future Plesk releases.
3. “in this link : https://[domain].com:8443/admin/outgoing-mail/list/type/subscription needs to list in addition tot the subscriptions, script locations (php origin script) which sends email.”
Please see this idea:
https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/12827919-show-currently-recently-mail-sending-scripts
Please create a new request with each item, so that others can vote for it.
Thank you.
— ES