How can I determine which mailboxes hosted in Plesk are responsible for outbound spam?

1. Log in to Plesk;

2. In Tools & Settings > Mail Server Settings > Mail Queue, search for mailboxes that have a large number of deferred emails;

3. In Tools & Settings > Mail Server Settings, check if the option Turn on limitations on outgoing email messages is enabled. If it is, go to Tools & Settings > Outgoing Mail Control and check which mailboxes are trying to exceed their limits;

1. Connect to the server via SSH

2. Download the attached archive with the script file for calculating the number of sent emails and extract it:

   # curl -LO https://raw.githubusercontent.com/plesk/kb-scripts/master/spam-investigation/spam_investigation.sh

3. Execute the script:

   # bash spam_investigation.sh

4. Check the ~/spam_investigation/sorted_list.txt file to determine which mailboxes are sending the most emails:

   # cat ~/spam_investigation/sorted_list.txt

Warning: Once the server has been identified as a source of spam, all mailboxes will start to have their emails deferred. It is important to determine which mailboxes were being deferred prior to the server being flagged as a spam source.