Spamming in server

**nitaish** · 03-06-2010 06:57 AM

I can see a lot of spam emails being sent out from one of our servers, but I am not able to find out the email user which is being used for SMTP authentication. From the headers of the spam emails, I can understand that one of my customers' computer is infected with virus and is sending out spam emails. I can see the IPs of a local ISP in the header, however, blocking the IP does not work as it seems he does not have a static IP as the IP changes everytime. What is the best way to find out which email account is being used for sending spam from the server?

**thewebhosting** · 03-07-2010 12:14 AM

You will have to check the header ID in your email logs and check for the email address. You can get the email logs from the /var/log/exim_mainlog. You can check the particular header ID using the below mentioned command:

cat /var/log/exim_mainlog | grep header ID.

**nitaish** · 03-08-2010 07:51 AM

I could find the domain from which the spamming was happening by enabling Extended logging in cpanel.

LinkBack

Thread Tools

Spamming in server

Spamming from my Server

Spamming from the server.

how to check server is spamming ?

Someone spamming from my server

someone is spamming from my server.. ??