Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Cpanel sending emails with the following message

Discussion in 'E-mail Discussion' started by johnscott1966, Apr 29, 2012.

  1. johnscott1966

    johnscott1966 Registered

    Joined:
    Apr 29, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Website Owner
    Below are the recently upload scripts that contain code to send email. You may wish to inspect them to ensure they are not sending out SPAM.

    Can anyone tell me why this is happening and what I need to look for please ?? :eek:
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,309
    Likes Received:
    393
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Your system is alerting you to these as a precaution. If a user just installed a Joomla CMS for example:

    Code:
    /home/username/public_html/administrator/components/com_config/controllers/application.php:355:                 $config_array['fromname']       = JRequest::getVar('fromname', 'Joomla 1.5', 'post', 'string');
    /home/username/public_html/administrator/components/com_config/controllers/application.php:356:                 $config_array['sendmail']       = JRequest::getVar('sendmail', '/usr/sbin/sendmail', 'post', 'string');
    /home/username/public_html/administrator/components/com_config/controllers/application.php:357:                 $config_array['smtpauth']       = JRequest::getVar('smtpauth', 0, 'post', 'int');
    ---
    /home/username/public_html/configuration.php:40:        var $fromname = 'Users Website name';
    /home/username/public_html/configuration.php:41:        var $sendmail = '/usr/sbin/sendmail';
    /home/username/public_html/configuration.php:42:        var $smtpauth = '0';
    Then it should be safe to assume that the files ok.

    But, if there has been nothing new installed recently and you got one with strange looking names or text or languages in it, you should look closer at that account right away, it may have been compromised.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Nimmi

    Nimmi Member

    Joined:
    Apr 30, 2012
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Root Administrator
    Please double-check the mail sending PHP scripts in the server , remove them if they are not genuine . Also update third party applications like Joomla, wordpress,etc to the latest stable version , and remove unneccesary plugins/themes.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice