vb.org Archive - View Single Post

HM666 · #5 02-10-2015, 02:21 AM

WOW - digging around in WHM cPanel while waiting for some of the tests to load and to me it looks as if possibly the email account has been hacked. What do you guys think?

I'm in the View Mail Statistics Summary area and under the heading: Top 50 sending hosts by message count I see these hosts as senders I assume:

ip1.grsrv.com
(wf41wb6.myrename.com)
(l7erx.renameweb.com)
(marketmindful2.com)
(nativespace-janus.ns-janus.com)
(grandpat.info)
(lloydstsb.co.uk)
m5.myzamanamail.com
(ip-static-74-121-182-135.as5577.net)
(mailserver.localhost.com)
fordtruckin.com
m1.myzamanamail.com
(acreflubgh0121.com)
(h2zmoj.renameweb.com)
mail02.feedblitz.com
mta65250.mxmfb.com
r26.hello.channel4.com
pc-175-63-100-190.cm.vtr.net
hot-train.com
mout.gmx.com
(bldprssure0128.com)
m10.myzamanamail.com
(fight4fam0128.com)
jest8.jestpil.org
(gmail.com)
106-85.mta.dotmailer.com
(februdeals.co)
mail2146.lakelandltd.mkt2684.com
(datecommunity.co)
(topwindowglass.net)
spruce-goose-af.twitter.com
spruce-goose-al.twitter.com
spring-chicken-ar.twitter.com
mail23.members.csnstores.com
mail4.members.csnstores.com
smtp083.myfanbox.com
(static.ttnet.com.tr)
cpe-066-056-189-213.sc.res.rr.com
mail.aaftexteis.pt
(rectifyeliminate.co)
smtp076.myfanbox.com
smtp077.myfanbox.com
nitrogen-onsise.cccampaigns.com
(truefreecredit.org)
68-170-59-100.mammothnetworks.com
mail1767.messages.eno.org
61-227-9-71.dynamic.hinet.net
fw.dabs.com
adsl-68-91-199-150.dsl.snantx.swbell.net

If this is a hacked situation how do I fix this? I'm used to fixing a hacked vBulletin but not an email server. Shouldn't the freaking host be fixing this crap since they are the ones who ultimately caused it anyways?!?!? I've attached three screens from the site suggested by Simon. I'm not sure what exactly some of that means on those warnings. Where do I make those changes or is that something the host should do?

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01641 seconds Memory Usage 1,788KB Queries Executed 12 (?)
More Information
Template Usage: (1)SHOWTHREAD_SHOWPOST (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_box (1)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit_info (1)postbit (3)postbit_attachment (1)postbit_onlinestatus (1)postbit_wrapper (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit reputationlevel showthread	Included Files: ./showpost.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showpost_start bbcode_fetch_tags bbcode_create postbit_factory showpost_post postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_attachment postbit_display_complete post_thanks_function_can_thank_this_post_start showpost_complete
Messages: