2018-11-13, 10:53 PM
Hello,
my server hosting provider informed me, that my forums are massively sending out SPAM email. It appears they are using showthread.php to do that. The emails are on behalf of the admin staff of the forums (I am the only admin).
My provider has blocked that php script now, so my forum users can't even access anything, plus they suspended the use of the SMTP server, so I can't even send any personal emails. Which, as you can imagine, is really annoying.
The System Mail Log shows thousands of these emails attempting to send out, still, every minute. They are unsuccessful now, because the SMTP is disabled, but my hosting provider won't enable it, till this malicious script is stopped.
What can I do?
Here is the provider's report (I have blocked out some personal info with XXXX):
my server hosting provider informed me, that my forums are massively sending out SPAM email. It appears they are using showthread.php to do that. The emails are on behalf of the admin staff of the forums (I am the only admin).
My provider has blocked that php script now, so my forum users can't even access anything, plus they suspended the use of the SMTP server, so I can't even send any personal emails. Which, as you can imagine, is really annoying.
The System Mail Log shows thousands of these emails attempting to send out, still, every minute. They are unsuccessful now, because the SMTP is disabled, but my hosting provider won't enable it, till this malicious script is stopped.
What can I do?
Here is the provider's report (I have blocked out some personal info with XXXX):
Quote:It has come to our attention that large number of messages (bulk email) are being sent from customer's account, which has negatively affected our network reputation. Upon further investigation, it appears that one of your script is currently being abused.
SCRIPT=/showthread.php
Following is the excerpts from log for emails being sent from user's account.
Nov 13 04:03:36 USER=ipg.XXXXXX HDIR=/home/users/web/XXXXXXXX SCRIPT=/showthread.php RCPT=1 [[email protected]][email protected][/email] SUBJ=New_Reply_to_compra_cialis_in_italy
Nov 13 04:03:36 USER=ipg.XXXXXX HDIR=/home/users/web/XXXXXXXX SCRIPT=/showthread.php RCPT=1 [[email protected]][email protected][/email] SUBJ=New_Reply_to_cialis_10_mg_bugiardino
etc etc, it goes on ....