Hello,
We have a number of managed WHM/cPanel servers hosted by a UK web host.
We are having issues where certain websites/domains/accounts on server-X have been compromised and are sending out hundreds of thousands of spam messages.
The only time we ever hear about this is AFTER the even has occurred, and the the IP address of the server has been blacklisted on real-time blacklists, and the UK Web Host has terminated the accounts. We are able to disinfect the websites using ClamAV but this is very REactive.
We are searching for a method to monitor email sending/receving on our WHM/cPanel servers, ideally with the ability to email us when a domain/website sends out more than 5000 mails per hour/day etc.
Please can anyone advise me on how to proceed? Perhaps someone knows of a WHM plugin that can be installed, that would do this. Or if there are things that can be done natively to help (perhaps automatically generating "sent summary" reports for the last 24 hours etc)
Thanks
We have a number of managed WHM/cPanel servers hosted by a UK web host.
We are having issues where certain websites/domains/accounts on server-X have been compromised and are sending out hundreds of thousands of spam messages.
The only time we ever hear about this is AFTER the even has occurred, and the the IP address of the server has been blacklisted on real-time blacklists, and the UK Web Host has terminated the accounts. We are able to disinfect the websites using ClamAV but this is very REactive.
We are searching for a method to monitor email sending/receving on our WHM/cPanel servers, ideally with the ability to email us when a domain/website sends out more than 5000 mails per hour/day etc.
Please can anyone advise me on how to proceed? Perhaps someone knows of a WHM plugin that can be installed, that would do this. Or if there are things that can be done natively to help (perhaps automatically generating "sent summary" reports for the last 24 hours etc)
Thanks
