Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Customer has been trojan'ed into a spambot

Discussion in 'General Discussion' started by malk, Apr 12, 2006.

  1. malk

    malk Member

    Sep 29, 2004
    Likes Received:
    Trophy Points:
    I have found out that one of my client's personal computer probably has been botted into sending spam, normally I would just suspend the client until they have cleaned their system, but in this case they are family of a friend and not too computer literate and I am sure that they aren't sending the spam themselves, is there a way I can block their spam without suspending their account?

    Some sort of setting up a reverse spamassasin setup?

    I am pretty sure that they are have been trojan'ed because theirs is the only domain that is sending spam (according to AOL's scomp feedback service) and the IP of the originating spam is fairly consistent.

    They have no php or cgi on their service, in investigating I forced one older client to stop using an old script, but it wasn't coming from that domain.

    I guess before I confront them, I want to be 100% sure their personal computer is sending spam.

    Well, thanks for any help you are able to offer.
  2. chirpy

    chirpy Well-Known Member

    Jun 15, 2002
    Likes Received:
    Trophy Points:
    Go on, have a guess
    You could just change their email/cpanel account password so that they cannot authenticate. Once done, have them install:

    1. Adaware
    2. Spybot Search & Destroy
    3. Free virus scanner (e.g. AVG)

    Once they've cleaned their PC you can set their password back and see how it goes. It might help to enable extended logging for exim to help track back the spam:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice