The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Early detection and prevention for systems admins

Discussion in 'E-mail Discussions' started by vcongion, Oct 29, 2014.

  1. vcongion

    vcongion Registered

    Joined:
    Oct 29, 2014
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    New York, NY
    cPanel Access Level:
    Root Administrator
    Hello all. This is my first post so go easy on me :) Recently our mail server was compromised and was sending out thousands of emails. I hardened the security settings per cpanel documentation. As a IT Security analyst, I found it very difficult to monitor activity without checking logs or going into the WHM. I think it would be extremely useful for an early detection system to notify systems admins of irregular activity.

    My proposal is a cron job that runs through the mail queue manager and sends email reports when there is large number of emails ready to go out that have not been delivered yet due to security restrictions.

    The cron job should also go through the mail delivery reports and show deferrals and failures so we can notify our users accordingly.

    Would love to know how this is possible as I believe it would be a great tool for all admins to combat spam and any compromised servers. Looking forward to your assistance / thoughts. Thank you!
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator

Share This Page