D
D
dbmaster2012-07-24 22:17:37
Email
dbmaster, 2012-07-24 22:17:37

Is the server hacked?

Hey!

Recently, letters from Google of the following kind began to arrive

Delivery to the following recipient failed permanently:

     [email protected]

----- Original message -----

Received: by 10.204.130.7 with SMTP id q7mr4549572bks.2.1343155330591;
        Tue, 24 Jul 2012 11:42:10 -0700 (PDT)
Return-Path: <[email protected]>
Received: from dsldevice.lan ([188.51.8.179])
        by gmr-mx.google.com with ESMTP id q3si4736186bkv.1.2012.07.24.11.42.09;
        Tue, 24 Jul 2012 11:42:10 -0700 (PDT)
Received-SPF: neutral (google.com: 188.51.8.179 is neither permitted nor denied by best guess record for domain of [email protected]) client-ip=188.51.8.179;
Authentication-Results: gmr-mx.google.com; spf=neutral (google.com: 188.51.8.179 is neither permitted nor denied by best guess record for domain of [email protected]) [email protected]
To: "dr-bb8p87i3o2f" <[email protected]>
Subject: Dear dr-bb8p87i3o2f
From: "Modesto" <[email protected]>
Date: Tue, 24 Jul 2012 21:42:08 +0300
X Priority: 3
X-MSMail-Priority: Normal
X-Mailer: IPS PHP Mailer
MIME Version: 1.0
content-type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
Message-ID: <[email protected]>

----- End of message -----



How to understand if it is spam / phishing or emails are sent from our servers?

ip 188.51.8.179 is not ours.

Tell me what to do and how can I protect the server (ubuntu) from hacks of this kind?

Thanks

Answer the question

In order to leave comments, you need to log in

3 answer(s)
V
Vladimir Dubrovin, 2012-07-24
@z3apa3a

Spam via Trojan with IP 188.51.8.179. The infected computer is called MARLENE-PC and is connected via a DSL router. So, if all this is not yours, you can sleep peacefully.

F
freem4n, 2012-07-25
@freem4n

branegy.com is your domain?
Set yourself an SPF from which IP mail can be sent so that spammers do not use your domain as a cover.

M
marklarius, 2012-07-24
@marklarius

en.wikipedia.org/wiki/Joe_job#Joe-job-like_automated_spam

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question