Disable phplist using admin account

I have a very old phplist installation (version 2.10.19). I still have the admin account but not access to the server anymore. I think it’s being used to send out spam (probably due to a bug?) since I am receiving a lot of Mail Delivery Failure notifications to the email used in phplist to send out emails (it’s used only there).

Is there a way to disable / delete / destroy / anything (it’s not used anymore) phplist from the web interface using the admin account?

Thanks for your help.

As you say, this is a very old version and I no longer have access to a working version, so from memory…

Log in, then view any campaigns, and have a go at deleting an still running. Might be a workable option.

There are no campaigns running. I think they can send emails even if they don’t have access to the system, regardless any configuration in phplist. I am basically looking for a way to disable everything using the admin account.

This doesn’t sound like a phpList issue if there are no campaigns in phpList. I would guess that it is one of two things, both unrelated to phpList.

Most likely, I think the email address is simply being plugged into the “from” field of spam originating elsewhere, and there’s nothing you can do about that because it has nothing to do with you, that server, etc. I have a couple domains that have catch-all inboxes and I regularly get Mail Delivery Failure notifications where the supposed “from” address doesn’t exist, it’s a bogus username combined with my domain name. Mail systems (and mail admins) being sloppy, they bounce the junk back to an address that never existed, ending up in my catch-all inboxes for the domains.

Alternatively, it might be possible that the server you no longer have access to, or software on it, has been hacked, giving the spam sender the ability to feed data to sendmail or whatever MTA that server uses. But they could put any “from” address on their spam, they wouldn’t need to use the one you used, which is why I think this is the less-likely scenario.

If you can see the complete mail headers for any bounced message, you could check to see where the spam is actually being sent from. My bet would be it’s not even coming from your (prior) server.

1 Like