I have some problems lately related to qmail. The qmail-send daemon stops suddenly.

I checked the queue and it seems that periodically the queue fills with emails addressed from anonymous@mydomain.com to @aol.com. The concurrency both local and remote is set to 50. I managed to stop qmail from crashing... but now the problem is that qmail generates a very high iowait (up to 80-90%).

Of course that everything else on the server stops responding and eventually ssh access is cut also, and the only solution is to reboot the server. It's not a practical solution because I have to do this at least once a day.

The server has Plesk installed and qmail-1.03 on a RHEL OS. I'm not sure about the patches as I cannot update patches from other sources.

Can anyone help me with this problem?

First you need to sort out who/what is sending the mail. From the little bit you've said (mainly the anonymous@ sending address) it sounds like it's probably a PHP script to me. That's what I would look for first at least.

So make sure all of your php mailing scripts on the server are secure. Sometimes you can track those back to the source script by looking for some similarities in the email then looking for something unique in those emails via grep. This will usually find it if there's someone on your server who is actually doing the spamming.

If it's just an unsecure script, it'll be a bit tougher to track down. But first things first. And that's sorting out who the spammer is or what script they've found that they can exploit.

Unfortunatelly they are not emails originating from our server. They came from some IPs outside with invalid DNS records. We blocked those IPs, but unfortunatelly this is not a very wise solution as the bug is in the qmail server.

Look for a script that has been corrupted.

Trust me, it's there somewhere.