Hi,
the mail.log and mail.info files increase in size dramatically fast, and syslog, the mail queue is enormous and the load on the server sometimes shoots up to over 30 before going back to normal levels like 0.5 or so.
I checked the spam mail in the mail queue for the headers, and here’s an example:
Received from User (localhost [127.0.0.1]) by penghosting.nl (Postfix) with SMTP id 00B5BA3E6; Thu, 21 Nov 2013 14:59:14 +0000 (GMT)
From "Wells Fargo"online_security_alert@account.com
Subject Wells Fargo - Unread Secured Message !
Date Thu, 21 Nov 2013 08:59:27 -0600
MIME-Version 1.0
Content-Type text/html; charset=“Windows-1251”
Content-Transfer-Encoding 7bit
X-Priority 3
X-MSMail-Priority Normal
X-Mailer Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE Produced By Microsoft MimeOLE V6.00.2600.0000
Message-Id 20131121145915.00B5BA3E6@penghosting.nl
Now, “penghosting.nl” is the domain that, sorry, can’t remember what it’s called, but it’s the one that rules them all
The name servers that all other servers use are ns1.penghosting.nl and ns2.penghosting.nl
So I don’t know, if showing ‘penghosting.nl’ in the headers of these spam messages means anything.
I checked all the files on penghosting.nl but don’t see anything weird.
What should I do?
Thanks!