How find hacker's ip of my installed Mail Enable

Discussion regarding the Standard version.
Post Reply
Vortex.Cubes.CEO
Posts: 14
Joined: Mon Jul 26, 2021 9:43 am

How find hacker's ip of my installed Mail Enable

Post by Vortex.Cubes.CEO »

Yesterday some body hacked my mail enable and has send many crap mails to people.
Today my reseller of datacenter mailed me to turn it off immediately.
I uploaded that smtp log file here :
https://gofile.io/d/TvPxmC
Please tell how can i find hacker's ip from this file.

Thanks in advance

MailEnable-Ian
Site Admin
Posts: 9738
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: How find hacker's ip of my installed Mail Enable

Post by MailEnable-Ian »

Hi,

From inspecting the log file is looks like the spamming is using the mailbox postmaster@earn-bitcoin.in to successfully authenticate and relay spam. You need to change the password for this mailbox asap.
Regards,

Ian Margarone
MailEnable Support

Vortex.Cubes.CEO
Posts: 14
Joined: Mon Jul 26, 2021 9:43 am

Re: How find hacker's ip of my installed Mail Enable

Post by Vortex.Cubes.CEO »

It was obviously clear hacker was spamming using my mail.
But how can i find his ip?
In log file there are many ips - But it seems none of them related to hacker.

MailEnable-Ian
Site Admin
Posts: 9738
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: How find hacker's ip of my installed Mail Enable

Post by MailEnable-Ian »

Hi,

Spammers will spoof IP's addresses. You will need to look into methods of stopping this at the firewall level since your running Standard edition. Alternatively you can upgrade to Professional and enable the option for "Abuse detection and prevention" as this will ban incoming IP addresses after 10 invalid authentication attempts for one hour.

Please see: https://www.mailenable.com/documentation/10.0/Professional/Localhost_-_Policies.html
Regards,

Ian Margarone
MailEnable Support

Post Reply