Mercury mail hacked?

Posted: 15. March 2017 11:44
by Ishutaru
Hi guys, I have an issue. I configured my Mercury mail and it was working fine for a month. Today I logged in to my admin account and saw a ton of mail delivery errors "Postmaster Notify: Delivery Failure." I had no idea what happened so I logged on to my server to check it out. The server was just spamming some crap back and forth starting minutes after midnight. There were 350k messages about some Mustafa .. anyway I googled that it's a random scam.. But my question is HOW DID THIS HAPPEN? Any way to get rid of it? Currently my Mercury mail server is down until I do something.

Also the log file was 25 MB and it contains thousands of "rcpt TO:" entries from an IP address that made 20 connections at the same time???

Re: Mercury mail hacked?

Posted: 15. March 2017 16:08
by Nobbie
Ishutaru wrote: HOW DID THIS HAPPEN? Any way to get rid of it?

Not secured well enough, too weak passwords or similar. Everything depends on your configuration (which we don't know). Mercury does not come with a proper setup, it's all your config. How can WE know what happened to your server??

Maybe not hacked :/ Hmmm...

Posted: 15. March 2017 16:35
by Ishutaru
I looked into the issue, analysed the log and it might be email spoofing that I'm reading about right now, as I only get delivery failure emails and there is nothing in my Sent mail. My password has caps and numbers. Any way to prevent this so-called email spoofing?

Re: Mercury mail hacked?

Posted: 15. March 2017 16:38
by Altrea
Don't use XAMPP in live or publicly accessible environments.

Re: Mercury mail hacked?

Posted: 15. March 2017 20:44
by Ishutaru
Altrea wrote: Don't use XAMPP in live or publicly accessible environments.

This advice almost gave me cancer :D I'm an IT tech.(

But anyway I figured out that my mailbox wasn't hacked in any way .. it's just that someone is using my email as "From:" to send automated spam and whenever it is sent to a non-existing email I receive the "Delivery Failed" email with the contents of that email. The only possible workaround I found is to change the user's login name... from admin@domain.com to somethingelse@domain.com

Is it even possible to configure mercury mail to automatically stop, delete or refuse the "Delivery error" messages being returned? I understand there isn't much I can do :(
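
An added example, not part of the original thread: one way to check whether a "Delivery Failure" bounce is backscatter from a forged From: or evidence that the spam really left through your own server, by reading the Received headers of the original message that the bounce carries. The host name `mail.example.test`, the function names and the sample bounce are assumptions constructed for illustration.

```python
import email
from email import policy

# Assumption: names or IPs your own server writes into Received headers.
MY_HOSTS = {"mail.example.test"}

def original_headers(bounce: bytes):
    """Return the bounced message (or just its headers) carried in a DSN."""
    msg = email.message_from_bytes(bounce, policy=policy.default)
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":
            return email.message_from_string(part.get_content(), policy=policy.default)
    return None

def classify(bounce: bytes, my_hosts=MY_HOSTS) -> str:
    orig = original_headers(bounce)
    if orig is None:
        return "unknown"          # bounce did not include the original
    hops = " ".join(str(h).lower() for h in orig.get_all("Received", []))
    if any(h.lower() in hops for h in my_hosts):
        return "sent-through-us"  # check relay settings and account logins
    return "backscatter"          # forged From:, mail never touched this server

# Constructed bounce, trimmed to the parts the check needs.
SAMPLE = b"""\
From: MAILER-DAEMON@mx.remote.test
Subject: Postmaster Notify: Delivery Failure.
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: message/delivery-status

Final-Recipient: rfc822; nobody@remote.test
Status: 5.1.1

--b1
Content-Type: message/rfc822

Received: from bot (203.0.113.7) by mx.remote.test; Wed, 15 Mar 2017 00:03:11 +0000
From: admin@example.test
Subject: constructed spam sample

spam body
--b1--
"""
```

Received headers below the first trusted hop can be forged, so a "sent-through-us" result should be confirmed against the server's own SMTP log before acting on it.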

Re: Mercury mail hacked?

Posted: 15. March 2017 20:53
by Nobbie
Ishutaru wrote: Is it even possible to configure mercury mail to automatically stop, delete or refuse the "Delivery error" messages being returned? I understand there isn't much I can do :(

Aren't you an IT Tech?! You told so - if I were you, I would find that out myself. Anyway, Mercury configuration support is far beyond the scope of this forum, you should go for a Mercury forum instead.

Re: Mercury mail hacked?

Posted: 15. March 2017 21:09
by Altrea
Ishutaru wrote: I'm an IT tech.(

What does that mean?
That you can use software in a way it is not created for and still get support for it on its volunteer support board?
If you use a software in a way it is not designed for you are on your own with problems generated from that misuse.

Disappointed

Posted: 15. March 2017 22:17
by Ishutaru
Altrea wrote:
Ishutaru wrote: I'm an IT tech.(

What does that mean?
That you can use software in a way it is not created for and still get support for it on its volunteer support board?
If you use a software in a way it is not designed for you are on your own with problems generated from that misuse.

Oh my god ... "What does that mean?"... I don't work with email servers, no one cares about email servers where I live. I do it from my own curiosity. And not all IT techs know EVERYTHING, I don't even work with servers, I'm working with hardware and laptop repairs. You can look up the meaning of "IT technician" here:
http://learn.org/articles/What_is_an_IT_Support_Technician.html
that's pretty much what I do every day. It doesn't really say anything about email servers and stuff.
I'm just saying that suggestions like "did you try doing the obvious thing" or "You shouldn't do the super obvious thing because it's obviously unsecure" annoy me hard.

Also you are saying it's a volunteer support board. It's the ONLY XAMPP support board I know about.

And what do you mean by "use software in a way it is not created for". Are you saying XAMPP has Mercury mail in it not for making a mailbox?

Re: Mercury mail hacked?

Posted: 15. March 2017 22:27
by Altrea
It annoys me hard that an IT tech uses a tool in a way it is not designed for (despite all warnings and hints).
XAMPP is a bundle of highly specified tools needing an experienced administrator to get configured against security for publicly accessible environments.
Just because XAMPP makes it very easy to install these tools locally does not mean that a novice can handle them in every case.

...

Posted: 15. March 2017 23:20
by Ishutaru
I still don't understand what you mean by "in a way it is not designed"

Re: Mercury mail hacked?

Posted: 16. March 2017 00:18
by Altrea
XAMPP is designed to make it really easy to install most common webserver components locally as local test and development environment.
Focus is not on security, performance, scalability or stability. The XAMPP components do have multiple settings that are insecure on publicly accessible environments.

Re: Disappointed

Posted: 16. March 2017 13:44
by Nobbie
Ishutaru wrote: I'm just saying that suggestions like "did you try doing the obvious thing" or "You shouldn't do the super obvious thing because it's obviously unsecure" annoy me hard.

Very good - it is meant to annoy you! Because you annoy us by ignoring the fact that XAMPP is designed and meant for development only(!) and NOT for online productivity. We are NOT the right forum for your issues having in a production environment, that annoys me hard!