Language
 
HomeKnowledge BaseMailNow! V5[HOW TO] Understand Mailnow 5 .qjb file
Information
Article ID86
Created On6/26/2012
Modified4/19/2013
Share With Others
[HOW TO] Understand Mailnow 5 .qjb file
Understand .qjb file content in smtpqueue

Please find the information below as a guideline :-

[SENDER]   justin@xxxxx.com


[RECIPIENT]acjj30@yahoo.com,acjluvsu@yahoo.com,acjmmd@hotmail.com,acjmoreno@netzero.com,
acjohnson13@hotmail.com,acjohnson423@yahoo.com,acjones_69@yahoo.com,acjones1977@yahoo.com,
acjones58@yahoo.com,acjostes@hotmail.com,acjpryor@yahoo.com,acjr@ubalde.com,acjs4@netzero.net,
acjsports@yahoo.com,acjstamper@comcast.net,acjuarez86@yahoo.com,acjw2@hotmail.com,
ack_21@msn.com,ack185@yahoo.com,ack1956@yahoo.com

2

[AUTHENTICATION]  hrd@xxxxx.com
-,0
-,-,-

[SENDER IP ADDRESS]  41.203.64.132
User
0

Refer to the information above, you know that it is identify as spam mail, simply because 
there are lot of funny email address(recipient). However, we can see that the sender is justin
but the spammer manage to use "hrd" to authenticate to send out the mail. The main reason here
is due to weak password. From another point, as you can see the sender is from external ip address.

This incident can cause smtpqueue jam up, mailnow failed to start.

Please follow the step below:-
1. Stop mailnow service | go to mailnow directory | rename smtpqueue folder
2. Open the folder inside smtpqueue folder | open .qjb file as mention above 
3. If identify as spam mail | disconnect the pc from the network (authenticate user) | scan pc
4. Restart Mailnow service |make sure change more secure password for the authenticate user account, 
    this case | change user "hrd" password | advice to send using MN5 webmail.
5. Monitor the smtpqueue flow
  
-----------------------------------------------------------------------------------------------------------------------

Example of DAT file(spam mail content) below:-

Reply-To: <lichinwu_273@yahoo.com.hk>
From: "Li Chin Wu"<justin@xxxxxxx.com>
Subject: Important Message
Date: Tue, 5 Jun 2012 06:58:23 -0700
MIME-Version: 1.0
Content-Type: text/plain;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Antivirus: avast! (VPS 120604-1, 06/04/2012), Outbound message
X-Antivirus-Status: Clean

Good day, 
 
I am Li Chin Wu, a Principal assurance Manager for the Huaxia Bank. I am contacting you with regards the estate of one Mr. Peter and an investment placed in our bank 5 years ago. It is important you keep the contents of this mail confidential and respect the integrity of the information you come by as a result of this mail.I contact you independently and no one is informed of this communication.In 2003, the subject matter,Mr.Peter came to our bank to engage in business discussions with our private banking division.He informed us that he had a financial portfolio of 12.4 million United States dollars,which he wished to have us invest on his behalf.
 
Based on my advice, we invested the money around various opportunities and made attractive margins for our first months of operation, the accrued profit and interest stood at this point at over 14 million United States Dollars. In mid 2005, he instructed that the principal sum (12.4M) be liquidated because he needed to make an urgent investment requiring cash payments in Hong Kong. We got in touch with a specialist bank in Hong Kong the Dah Sing Bank who agreed to receive this money for a fee and make cash available to Mr. Peter . However Dah Sing Bank got in touch with us last year that this money has not been claimed. On further enquiries we found out that Mr. Peter was involved in an accident in Shanghai, which means he died intestate. 
 
He left no next of kin and the reason I am writing you is because you have the same last name. I have exclusive access to his file, I have the power and know how you will be made the beneficiary of these funds. My bank will contact you informing you that money has been willed to you.On verification, which will be the details I make available to my bank,my bank will instruct Dah Sing Bank to make payments to you. You do not have to have known him. I know this might be a bit heavy for you but please trust me and believe in me on this. For all your involvements and troubles I propose that we split the money in hol?. In the banking circle this happens every time. The other option is that the money be reverted to the state and we get nothing. Nobody is getting hurt, this is a lifetime opportunity for us. I hold the key to these funds, and as a Chinese National we see so much cash and funds being re-assigned daily. I want us to keep communication for now strictly by this email.
 
Please,note If we can be of one accord, we should act swiftly on this.Please get back to me immediately and provide and reconfirm your full details so we can discuss this matter extensively.
 
I await your response.
Li Chin Wu.