Hello I am Paul a PHP / Mysql developer.
I had a issue with a malicious script sending emails on my server.
I upgraded to a server with newer version of plesk / linux and moved everything over.
the email system was working for a while and then stopped sending mail and I found some of the spam from the original server in the queue.
Not sure if this was brought over using plesk migration manager.
I need my email system working POSTFIX on new server (Php scripts are not sending mail)
and I need the malicious mail sender located and removed.
Please email me your approach on figuring out why Email has suddenly stopped and where the malicious code is originating
PS here is info on the attached file from original server malicious script found---
We killed these malicious processes, but made sure to store what files
they were using at /root/malware_lsof.txt. Your IT administrators can use
this for further investigations. The vulnerability is most probably in the
code of your website, but the outdated Plesk Panel cannot be ruled out.
5 freelancers are bidding on average $117 for this job
Hi, I can help you with this issue for sure. Please keep in mind that is not only cleaning buf actually finding the hole they used to crack on the server and close it.
Hi I knew this mailer and can remove it, secure server & cleanup postfix queue from spam mails. SSH and Plesk root/admin access is requied. *************************