Plesk for Linux
kb: technical
Applicable to:
- Plesk for Linux
Symptoms
-
All mail from a Plesk email address is forwarded to an unknown email address, with these records logged to
/var/log/maillog
:dovecot service=lda, user=john.doe@example.com, ip=[]. sieve: msgid=618dad9e22271@example.com: redirect action: forwarded to unknown@example.com
-
There are unknown forwarding rules in Roundcube (webmail.example.com > Settings > Filters)
Cause
The account has been compromised; the attacker created the forwarding rules in webmail.
Resolution
Secure the account and remove the forwarding rules.
- Set a stronger password for the affected account
- Log in to the affected mailbox in webmail
- Go to Settings > Filters and remove the malicious forwarding rule(s).
To help prevent such issue, harden the Plesk server: How to secure a Plesk server
Comments
0 comments
Please sign in to leave a comment.