Email spammer - [email protected]

Im using Hestia (VestaCP) since 2013. Im so happy with it.
Im facing a serious issue with my EXIM4 server for past 3 years with [email protected]
This ID keep trying to send large emails from my server. I set EXIM4 rate limit to 60/Hour.

I thought the issue is on my server itself, may have some loop holes.
But now i realized the issue is not the server, but Hestia installation scripts itself.
Because i changed to VULTR cloud, & tried fresh hestiaCP installation on different 3 droplets & i have the same issue even no users added, no any websites added except panel’s subdomain (main panel root).
I strongly have perception the issue somewhere is with HestiaCP scripts. Kindly advise…

  • Ubuntu 20.04
  • Hestia latest installation ( I have issue for past 2 years of versions)
  • No domains added
  • The spammer start sending emails just within 24hrs
  • Tried to create fresh servers without any other scripts inside except HestiaCP
  • Digitalocean & Vultr - both cloud servers having the same issue.

2022-05-03 12:08:54 (WIN-G7CPHCGK247) [] F=[email protected] rejected RCPT [email protected]: Rejected because is in a black list at or your ip address / hostname?

Hi. Is not my IP.
Its spammers IP i think.
It using random ip/hostname

I assume it is incoming mail that is bounced. if the ip remains the same add the ip to the blacklist in iptables

Also it is smart to enable the blacklist iplist.

Oops, yeah. I agreed your prompt response on this. Could be my server rejected his IP for receiving that email. Thank you bro. Can close this unnecessary tkt. :slight_smile: