I keep having issues with spam being sent via a dedicated server. As soon as I think I've solved the problem, another problem arises. 1. In the mail queue in the Plesk Panel (v.11) a few messages are showing as failed. No sender email address is there, just the recipient address. 2. Using the mail ID on the email (qmail 22064 invoked for bounce) I ran: /var/qmail/bin/qmail-qread to get the message ID 3. Using: cat /var/qmail/queue/mess/8/4261471 I brought up the message Now the email is sending that the sender was and the receiver was an internal email address. Here is the message: What else can I do to get down to the actual source of the spam? I've read a few posts on Parallels but half of the SSH commands they ask you to do don't work i.e. different file locations etc...
The bounce back message i.e. the upper part of the message shows that these emails are sent from your server. This can happen when one of the email ID is hacked and then used for sending spam emails. The original message i.e. the one stated under the "--- Below this line is a copy of the message." part states that its spoofing because your email ID wasn't the sender. I would say closely watching the logs may get you to the origin of these emails. If you wish, I would like to take a look at the server.