danielp9690 Posted Monday at 05:26 PM Posted Monday at 05:26 PM Hi, my account has been suspended, I'm guessing because it's been a good while since I last logged in 🫢 was wondering if I could have it unsuspended, thanks Quote
MoneyBroz Posted Monday at 05:30 PM Posted Monday at 05:30 PM Your account is suspended for sending too many emails. if you haven't logged in recently then your account likely has been compromised. a root admin can offer more information on this. Quote
Krydos Posted Monday at 05:48 PM Posted Monday at 05:48 PM Someone from Alaska from the IP address 140.228.121.123 has been logging into your account and sending spam emails to random addresses like richardgullage@bellsouth.net, cherch1@bk.ru, tomstokli@seznam.cz, lovee1835@naver.com, etc. This has already happened before on your account back in November 2023. When your account sends spam it makes the whole server get blacklisted and thousands of other people's emails will get sent to spam because of you. Why should we give you another chance? Quote
danielp9690 Posted Monday at 07:37 PM Author Posted Monday at 07:37 PM Hi, thanks for getting back to me. I'd like some more information about this as it definitely wasn't me! When you say they logged in and sent E-Mails, did they login to the control panel you use or did they login through the website which was running on Joomla? The account was halted due to lack of activity in September 2024, and it was just by chance that I tried to renew it again just over a week ago (I expected it to have been deleted for inactivity by now) Did this Alaskan IP login after I renewed it on Feb 15th or was it suspended at an earlier date but your system still allowed me to renew it? Any chance you have the exact dates available for both occurrences when this took place? Do your servers log how the logins take place... Username and Password, cookie stealing, browser hijack etc. Thanks Quote
Krydos Posted Monday at 10:45 PM Posted Monday at 10:45 PM 3 hours ago, danielp9690 said: did they login to the control panel No, they logged into SMTP. 3 hours ago, danielp9690 said: did they login through the website which was running on Joomla? No, as far as I can see your account is empty, and has nothing installed. 3 hours ago, danielp9690 said: I expected it to have been deleted for inactivity by now We never delete accounts unless people request it. If people abandon their account they go into archived state, and people can restore them back to being active whenever they want. 3 hours ago, danielp9690 said: Did this Alaskan IP login after I renewed it on Feb 15th No, it was logging into your SMTP yesterday and sending spam. That's why your account was suspended. 3 hours ago, danielp9690 said: was it suspended at an earlier date but your system still allowed me to renew it? You can't renew or unsuspend suspended accounts yourself. 3 hours ago, danielp9690 said: Any chance you have the exact dates available for both occurrences when this took place? 2025-02-23 02:19:15 and 2023-11-08 11:54:43 3 hours ago, danielp9690 said: Do your servers log how the logins take place... Username and Password, cookie stealing, browser hijack etc. SMTP login using the email account daniel@the-petrol-head.co.uk. How they got the password you would know better than us. Keylogger on your computer? Weak password? Reusing passwords that have been leaked from other websites? Quote
danielp9690 Posted Tuesday at 05:27 PM Author Posted Tuesday at 05:27 PM 18 hours ago, Krydos said: No, they logged into SMTP. No, as far as I can see your account is empty, and has nothing installed. We never delete accounts unless people request it. If people abandon their account they go into archived state, and people can restore them back to being active whenever they want. No, it was logging into your SMTP yesterday and sending spam. That's why your account was suspended. You can't renew or unsuspend suspended accounts yourself. 2025-02-23 02:19:15 and 2023-11-08 11:54:43 SMTP login using the email account daniel@the-petrol-head.co.uk. How they got the password you would know better than us. Keylogger on your computer? Weak password? Reusing passwords that have been leaked from other websites? Thanks for that. I've done several virus, spyware, adware etc scans and I've not got anything. I've just checked on HIBP and it appears that the E-Mail address you listed and the password for the account was leaked in something called "Cit0day" so I'm guessing that's the likely cause. If you were to give me another chance, I am more than happy for you to disable E-Mails entirely on my account as I didn't use them anyway. Quote
wolstech Posted Tuesday at 05:37 PM Posted Tuesday at 05:37 PM Yeah a leaked password will do it. Since you don't use email anyway, I'm going to randomize the password on the mailbox and leave your mail service disabled so your account can't send any future spam. You may want to consider deleting the mailbox entirely. Unsuspended. It may take a few minutes to start working again. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.