Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
dbmaster2012-07-24 22:17:37
Email
dbmaster, 2012-07-24 22:17:37

Is the server hacked?

Hey!

Recently, letters from Google of the following kind began to arrive

Delivery to the following recipient failed permanently:

     [email protected]

----- Original message -----

Received: by 10.204.130.7 with SMTP id q7mr4549572bks.2.1343155330591;
        Tue, 24 Jul 2012 11:42:10 -0700 (PDT)
Return-Path: <[email protected]>
Received: from dsldevice.lan ([188.51.8.179])
        by gmr-mx.google.com with ESMTP id q3si4736186bkv.1.2012.07.24.11.42.09;
        Tue, 24 Jul 2012 11:42:10 -0700 (PDT)
Received-SPF: neutral (google.com: 188.51.8.179 is neither permitted nor denied by best guess record for domain of [email protected]) client-ip=188.51.8.179;
Authentication-Results: gmr-mx.google.com; spf=neutral (google.com: 188.51.8.179 is neither permitted nor denied by best guess record for domain of [email protected]) [email protected]
To: "dr-bb8p87i3o2f" <[email protected]>
Subject: Dear dr-bb8p87i3o2f
From: "Modesto" <[email protected]>
Date: Tue, 24 Jul 2012 21:42:08 +0300
X Priority: 3
X-MSMail-Priority: Normal
X-Mailer: IPS PHP Mailer
MIME Version: 1.0
content-type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
Message-ID: <[email protected]>

----- End of message -----


How to understand if it is spam / phishing or emails are sent from our servers?

ip 188.51.8.179 is not ours.

Tell me what to do and how can I protect the server (ubuntu) from hacks of this kind?

Thanks

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
V
Vladimir Dubrovin, 2012-07-24
@z3apa3a

Spam via Trojan with IP 188.51.8.179. The infected computer is called MARLENE-PC and is connected via a DSL router. So, if all this is not yours, you can sleep peacefully.

Report
F
freem4n, 2012-07-25
@freem4n

branegy.com is your domain?
Set yourself an SPF from which IP mail can be sent so that spammers do not use your domain as a cover.

Report
M
marklarius, 2012-07-24
@marklarius

en.wikipedia.org/wiki/Joe_job#Joe-job-like_automated_spam

Similar questions
S
Stepan2016-03-29 14:26:57
How to connect DKIM to EXIM + phpMailer on CentOS? 2Reply
V
Vadim Rublev2021-11-07 00:47:09
Why krakozyabry in the subject line in "Opera Mail"? 1Reply
B
brandmaster2018-08-28 15:22:48
How to auto-complete the sender's e-mail in an html letter? 1Reply
E
Erling2016-04-08 17:12:23
Mail hosting for your own domain? 2Reply
V
Vyacheslav Yashnikov2016-04-09 19:25:50
How is the application sent to the mail in the SaleJS jquery cart? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question