The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cron Jobs filling mail queue

Discussion in 'General Discussion' started by Leriss, Feb 25, 2015.

  1. Leriss

    Leriss Member

    Joined:
    Dec 18, 2007
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    I've noticed our mail queue on one of the servers is being filled up all the time by cron job e-mail, most come from jailed shell environemnts, here is an example:

    Code:
    1YN2fH-001527-8U-D
    This message was created automatically by mail delivery software.
    
    A message that you sent could not be delivered to one or more of its
    recipients. This is a permanent error. The following address(es) failed:
    
      XXXXXXXX@XXXXXXXX
    
    ------ This is a copy of the message, including all the headers. ------
    
    Return-path: <root@XXXXXXXX>
    Received: from XXXXXXXX by XXXXXXXX with local (Exim 4.84)
    	(envelope-from <root@XXXXXXXX>)
    	id 1YLDXe-004HU8-7I
    	for XXXXXXXX@XXXXXXXX; Tue, 10 Feb 2015 08:20:02 -0800
    From: root@XXXXXXXX (Cron Daemon)
    To: XXXXXXXX@XXXXXXXX
    Subject: Cron <XXXXXXXX@XXXXXXXX> php /home/XXXXXXXX/public_html/clientes/bb-cron.php
    Content-Type: text/plain; charset=UTF-8
    Auto-Submitted: auto-generated
    X-Cron-Env: <LANG=en_US.UTF-8>
    X-Cron-Env: <SHELL=/usr/local/cpanel/bin/jailshell>
    X-Cron-Env: <HOME=/home/XXXXXXXX>
    X-Cron-Env: <PATH=/usr/bin:/bin>
    X-Cron-Env: <LOGNAME=XXXXXXXX>
    X-Cron-Env: <USER=XXXXXXXX>
    Message-Id: <E1YLDXe-004HU8-7I@XXXXXXXX>
    Date: Tue, 10 Feb 2015 08:20:02 -0800
    
    X-Powered-By: PHP/5.4.36
    Set-Cookie: BOXSID=15d8061e222ad11ce074c777cc6f28ec; path=/
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Content-type: text/html
    I remember that sometime ago I've had a similar issue and I've changed something somewhere but I can't recall how I've done this, how can I disable this from happening?
     
  2. hgrg

    hgrg Well-Known Member

    Joined:
    Oct 4, 2010
    Messages:
    90
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    you have a spammer user sending huge volumes of email with this script:
    public_html/clientes/bb-cron.php
    now i see its likely to be a boxbilling install..
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    It's normal for cron jobs to run from a jailed shell environment. You should ensure the account removes the mailing script if it's ending out SPAM, or suspend the account to prevent that behavior.

    Thank you.
     
  4. Leriss

    Leriss Member

    Joined:
    Dec 18, 2007
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    I'm pretty sure I've had the same situation where those crons were going to root@hostname and filling up in the mail queue, however I've set something somewhere and they stopped appearing, could you what could be the option since I've forgot?
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Could you elaborate on what the option actually did or what behavior it changed? Did it send the root email elsewhere?

    Thank you.
     
Loading...

Share This Page