WordPress.org

Forums

Thousands of Mail delivery errors from different wordpress installations. (5 posts)

  1. Xupeta
    Member
    Posted 2 years ago #

    Hi,

    I noticed this error not too long ago, but I've become concerned now. I have multiple cpanel accounts with wordpress installations and they all have mail delivery failed to: jaqqscigs@gmail.com.

    These messaged are generated from wordpress@domain.com and they end up on the default account on cpanel: user@domain.com.

    I've tried new installation on a new cpanel account, new domain, new wordpress installation, but they continue.

    Has anyone have this problem?

    Many Thanks.
    CJ

  2. Pioneer Web Design
    Member
    Posted 2 years ago #

    Has anyone have this problem?

    As far as we can tell, it is just you that has a problem.

  3. Xupeta
    Member
    Posted 2 years ago #

    Here's a few details.
    I run my own vps.

    WordPress 3.8

    Here's information about the Message error:

    Return-path: <rgcosme@server.cjteksolutions.com>
    Received: from rgcosme by server.cjteksolutions.com with local (Exim 4.82)
    (envelope-from <rgcosme@server.cjteksolutions.com>)
    id 1Vrfty-0007NG-4v
    for jaqqscigs@gmail.com; Fri, 13 Dec 2013 22:28:26 -0500
    To: jaqqscigs@gmail.com
    Subject: WordPress Plugin
    Date: Sat, 14 Dec 2013 03:28:26 +0000
    From: WordPress <wordpress@rgcosmetics.com>
    Message-ID: <866f239df7350fc44671dff7d100f18b@##str_replacement[1]##>
    X-Priority: 3
    X-Mailer: PHPMailer 5.2.4 (http://code.google.com/a/apache-extras.org/p/phpmailer/)
    MIME-Version: 1.0
    Content-Transfer-Encoding: 8bit
    Content-Type: text/plain; charset=UTF-8

    http://www.rgcosmetics.com

    according to this Link

  4. Pioneer Web Design
    Member
    Posted 2 years ago #

    My guess is one of your installed plugins includes the base64 eval code that is mentioned at the bottom of the linked thread at stackexchange. Deactivate all plugins and see if error goes away.

    Since you are running your own VPS, I would also strongly encourage you to review security setup on it and also review Hardening WordPress.

  5. solosik
    Member
    Posted 2 years ago #

    Find this code addressdecode=base64_decode("amFxcXNjaWdzQGdtYWlsLmNvbQ==") and then delete function. I had the same problem, this code was in template files.

Topic Closed

This topic has been closed to new replies.

About this Topic