Posted By: peopleinside on September 23, 2015, 11:54 am |
Webuzo is good but has a very bad things:
Today I had received a very strange e-email from an MAILER-DAEMON address who alert an email sent from my address (who I have not sent anything) has been blocked for a wrong not supported attachment. The attachment seems to be a virus file as is .zip.exe So now HOW I can do for verify if an email is really sended from my server without my knowledge or the email I have received is a fake? Maybe i have to check Exim or Dovecot log? And i have to read all log or there is a way for search.. In the alert Mailer Daemon message there are my email address and the to address who have received this file. ----------------------- PeopleInside Web, security, open source passionate. |
Posted By: peopleinside on September 23, 2015, 1:45 pm | Post: 2 |
Yes, thanks.
There is a way to check if really my VPS has sended this email? What i have to do for check? ----------------------- PeopleInside Web, security, open source passionate. |
Posted By: nikhil89 on September 24, 2015, 6:30 am | Post: 3 |
Hi,
If you are using Centos OS, then you will have to add the following in exim.conf at /etc/exim/ Quote log_selector = +address_rewrite +all_parents +arguments +connection_reject +delay_delivery +delivery_size +dnslist_defer +incoming_interface +incoming_port +lost_incoming_connection +queue_run +received_sender +received_recipients +retry_defer +sender_on_delivery +size_reject +skip_delivery +smtp_confirmation +smtp_connection +smtp_protocol_error +smtp_syntax_error +subject +tls_cipher +tls_peerdn For Ubuntu you will have to add the following in exim4.conf.localmacros at /etc/exim/ Quote MAIN_LOG_SELECTOR=+address_rewrite +all_parents +arguments +connection_reject +delay_delivery +delivery_size +dnslist_defer +incoming_interface +incoming_port +lost_incoming_connection +queue_run +received_sender +received_recipients +retry_defer +sender_on_delivery +size_reject +skip_delivery +smtp_confirmation +smtp_connection +smtp_protocol_error +smtp_syntax_error +subject +tls_cipher +tls_peerdn After adding the above you can check the logs in main.log at /var/log/exim/ using the following command: Quote centos: tail -f /var/log/exim/main.log
ubunut: tail -f /var/log/exim4/mainlog Please let us know if you need any further information. You can also open a ticket here: http://softaculous.com/support/ |
Posted By: peopleinside on September 24, 2015, 8:17 am | Post: 4 |
Thank you,
adding this code will log every email sent from the VPS? But old data will be erased automatically or not? I mean old log? Also i can put this code where i want in the exim.conf or there are specific position? Thanks! ----------------------- PeopleInside Web, security, open source passionate. |
Posted By: valley on September 24, 2015, 4:30 pm | Post: 5 |
It should log the emails as mentioned in the code snippet.
As for the old data, it will not be automatically erased. You can add the code snippet to the beginning of the file for once. Let us know if you still face any trouble. ----------------------- Webuzo : Single User Control Panel Join Webuzo : |