Track down PHP spammer

[LinuxFreaky]

How do you go about tracking down a spammer using PHP scripts to send out junkmail? In the exim headers all it shows is that the user "nobody" is sending the mails, while the domain used is my server's main domain. The user must have been using the url http://www.myserver.com/~username/spamscript.php to send it, thus the domain/username isn't being logged.

What are some of the ways to go about finding this abuser?

cPanel.net Support Ticket Number:

[tAzMaNiAc]

Originally posted by LinuxFreaky
How do you go about tracking down a spammer using PHP scripts to send out junkmail? In the exim headers all it shows is that the user "nobody" is sending the mails, while the domain used is my server's main domain. The user must have been using the url http://www.myserver.com/~username/spamscript.php to send it, thus the domain/username isn't being logged.

What are some of the ways to go about finding this abuser?

cPanel.net Support Ticket Number:

turn off the ~ and that way you can see the errors in the error log

cPanel.net Support Ticket Number:

[LinuxFreaky]

Originally posted by tAzMaNiAc
turn off the ~ and that way you can see the errors in the error log

cPanel.net Support Ticket Number:

How do I turn that off?

cPanel.net Support Ticket Number:

[bidouilleur]

in whm

security tweaks, first part on the left frame, there are 3 tweaks underwich the one to disable the ~ possibilities

but think about that people using a redirect url to that won't be able to do that anymore.

cPanel.net Support Ticket Number:

[Radio_Head]

Originally posted by LinuxFreaky
How do I turn that off?

cPanel.net Support Ticket Number:

With whm , tweak security if I can remember.

cPanel.net Support Ticket Number:

[kris1351]

Turn off the tilde and we also use a script called MailMon. There are a few links to it here, and it has helped us catch a few spammers before they ever got mail out of the server.

cPanel.net Support Ticket Number: