The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Customer has been trojan'ed into a spambot

Discussion in 'General Discussion' started by malk, Apr 12, 2006.

  1. malk

    malk Member

    Joined:
    Sep 29, 2004
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    I have found out that one of my client's personal computer probably has been botted into sending spam, normally I would just suspend the client until they have cleaned their system, but in this case they are family of a friend and not too computer literate and I am sure that they aren't sending the spam themselves, is there a way I can block their spam without suspending their account?

    Some sort of setting up a reverse spamassasin setup?

    I am pretty sure that they are have been trojan'ed because theirs is the only domain that is sending spam (according to AOL's scomp feedback service) and the IP of the originating spam is fairly consistent.

    They have no php or cgi on their service, in investigating I forced one older client to stop using an old formmail.pl script, but it wasn't coming from that domain.

    I guess before I confront them, I want to be 100% sure their personal computer is sending spam.

    Well, thanks for any help you are able to offer.
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    You could just change their email/cpanel account password so that they cannot authenticate. Once done, have them install:

    1. Adaware
    2. Spybot Search & Destroy
    3. Free virus scanner (e.g. AVG)

    Once they've cleaned their PC you can set their password back and see how it goes. It might help to enable extended logging for exim to help track back the spam:
    http://forums.cpanel.net/showpost.php?p=244823&postcount=2
     
Loading...

Share This Page