The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cpanel sending emails with the following message

Discussion in 'E-mail Discussions' started by johnscott1966, Apr 29, 2012.

  1. johnscott1966

    johnscott1966 Registered

    Joined:
    Apr 29, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Below are the recently upload scripts that contain code to send email. You may wish to inspect them to ensure they are not sending out SPAM.

    Can anyone tell me why this is happening and what I need to look for please ?? :eek:
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,448
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Your system is alerting you to these as a precaution. If a user just installed a Joomla CMS for example:

    Code:
    /home/username/public_html/administrator/components/com_config/controllers/application.php:355:                 $config_array['fromname']       = JRequest::getVar('fromname', 'Joomla 1.5', 'post', 'string');
    /home/username/public_html/administrator/components/com_config/controllers/application.php:356:                 $config_array['sendmail']       = JRequest::getVar('sendmail', '/usr/sbin/sendmail', 'post', 'string');
    /home/username/public_html/administrator/components/com_config/controllers/application.php:357:                 $config_array['smtpauth']       = JRequest::getVar('smtpauth', 0, 'post', 'int');
    ---
    /home/username/public_html/configuration.php:40:        var $fromname = 'Users Website name';
    /home/username/public_html/configuration.php:41:        var $sendmail = '/usr/sbin/sendmail';
    /home/username/public_html/configuration.php:42:        var $smtpauth = '0';
    Then it should be safe to assume that the files ok.

    But, if there has been nothing new installed recently and you got one with strange looking names or text or languages in it, you should look closer at that account right away, it may have been compromised.
     
  3. Nimmi

    Nimmi Member

    Joined:
    Apr 30, 2012
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Please double-check the mail sending PHP scripts in the server , remove them if they are not genuine . Also update third party applications like Joomla, wordpress,etc to the latest stable version , and remove unneccesary plugins/themes.
     
Loading...

Share This Page