I have a big problem with mailcow sending spam e-mail. It happens for only one of the eight domains I provide on this server. There are even 200000 spam e-mails in the queue per day, horrible 🙁
When I disable this problematic domain the problem disappears; the other domains aren't spamming.

Please help me find what is causing the problem and how to start to overcome it.

Thanks a lot in advance, I’m really stuck,
Regards Dariusz

Take a look in the mailcow logs to see from which mailbox your spam is sent.

If you've located the mailbox you have to reset the password or disable that box.
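An added example (not from the thread and not mailcow's own code) of the log check suggested above: it tallies Postfix's authenticated-session lines per mailbox and lists the mailboxes that logged in from several different addresses. The log lines are constructed, and the `shop.example` domain and the `max_ips` threshold are assumptions; on a mailcow host the input would be the Postfix container's log output.

```python
import re
from collections import defaultdict

# Postfix smtpd writes one line like this per authenticated SMTP session.
AUTH_RE = re.compile(
    r"client=(?P<host>[^\[\s]+)\[(?P<ip>[^\]]+)\],"
    r"\s*sasl_method=(?P<method>\w+),\s*sasl_username=(?P<user>\S+)"
)

# Constructed sample lines (documentation IP ranges, made-up mailboxes).
SAMPLE_LOG = """\
Mar  3 10:00:01 mail postfix/smtps/smtpd[201]: 4A1B2C: client=unknown[203.0.113.7], sasl_method=LOGIN, sasl_username=anna@shop.example
Mar  3 10:00:04 mail postfix/smtps/smtpd[202]: 4A1B2D: client=unknown[198.51.100.23], sasl_method=LOGIN, sasl_username=anna@shop.example
Mar  3 10:00:09 mail postfix/smtps/smtpd[203]: 4A1B2E: client=unknown[192.0.2.99], sasl_method=PLAIN, sasl_username=anna@shop.example
Mar  3 10:00:12 mail postfix/smtps/smtpd[204]: 4A1B2F: client=unknown[203.0.113.150], sasl_method=LOGIN, sasl_username=anna@shop.example
Mar  3 10:01:00 mail postfix/submission/smtpd[205]: 4A1B30: client=office.example[192.0.2.10], sasl_method=PLAIN, sasl_username=bob@shop.example
Mar  3 10:05:00 mail postfix/submission/smtpd[206]: 4A1B31: client=office.example[192.0.2.10], sasl_method=PLAIN, sasl_username=bob@shop.example
Mar  3 10:06:00 mail postfix/smtps/smtpd[207]: 4A1B32: client=unknown[198.51.100.77], sasl_method=LOGIN, sasl_username=carl@shop.example
Mar  3 10:06:02 mail postfix/smtps/smtpd[208]: 4A1B33: client=unknown[2001:db8::15], sasl_method=LOGIN, sasl_username=carl@shop.example
Mar  3 10:06:05 mail postfix/smtps/smtpd[209]: 4A1B34: client=unknown[203.0.113.61], sasl_method=LOGIN, sasl_username=carl@shop.example
Mar  3 10:07:00 mail postfix/submission/smtpd[210]: 4A1B35: client=unknown[192.0.2.44], sasl_method=PLAIN, sasl_username=dora@other.example
Mar  3 10:08:00 mail postfix/smtpd[211]: connect from mx.peer.example[198.51.100.5]
"""

def summarize(lines, domain=None):
    """Return {mailbox: {"sessions": n, "ips": set}} for authenticated sessions."""
    stats = defaultdict(lambda: {"sessions": 0, "ips": set()})
    for line in lines:
        m = AUTH_RE.search(line)
        if not m:
            continue  # not an authenticated-session line
        user = m["user"].lower()
        if domain and not user.endswith("@" + domain.lower()):
            continue  # mailbox belongs to another hosted domain
        stats[user]["sessions"] += 1
        stats[user]["ips"].add(m["ip"])
    return dict(stats)

def suspects(stats, max_ips=2):
    """Mailboxes seen from more than max_ips addresses, busiest first."""
    hits = [(user, s["sessions"], len(s["ips"]))
            for user, s in stats.items() if len(s["ips"]) > max_ips]
    return sorted(hits, key=lambda h: (-h[1], h[0]))

if __name__ == "__main__":
    found = suspects(summarize(SAMPLE_LOG.splitlines(), "shop.example"))
    for user, sessions, ips in found:
        print(f"{user}: {sessions} authenticated sessions from {ips} IPs")
```

Mailboxes listed by `suspects` are the ones to disable and give new passwords first; a mailbox that always logs in from the same address, like `bob@shop.example` in the sample, is not listed.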

    DerLinkman I know this solution and it works, but unfortunately I have almost one hundred e-mail boxes at this domain and very many of them are spamming 🙁.
    I'm looking for where the hole is …
    A temporary solution could be cutting off the IPs from which one could log in to the e-mail boxes of this domain; is it possible to configure that in mailcow?

    I'm really grateful for any help.

    Best regards Darek

    You can set that in the Fail2Ban Section of the UI.

    There you can clarify IP addresses or even ranges which aren't allowed to talk with the server.

    But those are white or black IP ranges per server … Is it possible to configure it per domain?

    5 days later

    aaronsmith Of course it's not an open relay, I've checked it and I'm quite sure (as far as we can be quite sure of anything except death and taxes 🙂)
    I've got this spam problem under control for the moment; I was disabling accounts, then changing the passwords, then activating the accounts again…
    But there is still anxiety in my mind that it could come back, because I couldn't find the reason for the problem …
    Is it possible for somebody to hack the mailcow password generator? Or how can so many accounts be hacked/taken over?
    Regards Darek

    You can maybe ask the account owners to check the password they used against haveibeenpwned. Maybe they used the same password in your mailcow as on a breached website, which maybe also contains the e-mail address that goes into your cow.

    Greets,
    Mayk
