The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Configuration led to php forms not to work

Discussion in 'E-mail Discussions' started by gzgz, Jan 23, 2015.

  1. gzgz

    gzgz Registered

    Joined:
    Jan 23, 2015
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hello,

    My VPS was having some trouble with spam mails sent through a infected archive on one of the websites I have on him.
    So I searched for some solutions and found that one:
    http://forums.cpanel.net/f43/setup-...-hour-per-domain-users-201222.html#post843452

    All that he said I did, including change sendmail name to block php files to send mail.
    But unfortunately (I didn't thought about that) this has disabled all the forms from the websites on the VPS to be able to send mails...

    I don't know if I rename sendmail again it would make spammer file to work and send again, but there is some way to keep php forms from websites work and solve this spam matter?

    I'm willing to find the files that are sending spam from the server in some website to delete them and close this damn problem, also found some reference about a process running under the name of "ps" and that could be a file sending spam. I really found 2 processes coming from files on the websites with that name, but when I managed to find the files and delete them, I found nothing. Some files on the directory was kinda suspicious (checked them under ssh and saw that they mattered nothing to wordpress) and deleted them.

    What I want to know about it is: This action of deleting the files will solve the problem completely or there is some specific action needed?

    I need to solve this spam problem and keep php forms running. Those spam being sent are making the VPS to exceed the relay quota and my client become unable to use mail.
    Now the problem is solved because of that sendmail change but I need forms to run...

    Any help?
     
  2. gzgz

    gzgz Registered

    Joined:
    Jan 23, 2015
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Found that reference too:
    /http://www.inmotionhosting.com/support/email/exim/find-spam-script-location-with-exim

    With this I was able to see some scripts that was sending much mail but some of them when I cd to the location it says that the directory dont exist...
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    The following document is a good place to start:

    cPanel - Prevent Email Abuse

    In particular, based on your report, consider using suPHP or Mod_Ruid2 so you can determine which user is responsible for the SPAM. It might be a good idea to suspend those users and have them determine which aspects of their account/website have been hacked.

    Thank you.
     
  4. gzgz

    gzgz Registered

    Joined:
    Jan 23, 2015
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    My problem with changing for suPHP is that I'm already using default cgi as handler and I really don't know if that is going to change something on the already hosted websites...
    I will need to tweak something on websites after changing to suPHP?

    Thanks for the help!
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page