Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Email accounts abused too frequently?

Discussion in 'Security' started by albatroz, Jun 17, 2018.

  1. albatroz

    albatroz Well-Known Member

    Joined:
    Mar 6, 2003
    Messages:
    320
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Virtual Orbis / Peru
    cPanel Access Level:
    Root Administrator
    During the last month I have noticed that several domains hosted in my CPanel servers had users abused and used to send SPAM.
    This seems unsual to me so I was wondering if there is any setting I should check in the security configuration of my server.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    998
    Likes Received:
    44
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    whats your password strength set to ?
     
  3. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    2,696
    Likes Received:
    183
    Trophy Points:
    143
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hello,


    The first step in the issue is to identify how the email is being sent - is it a password compromise? If so as @keat63 eluded to you may want to increase the password security or is the issue a problem with a script - in this case, you'd need to identify the specific script sending the mail and remove it along with scanning/cleaning all files that are a part of that account.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Remitur

    Remitur Member

    Joined:
    Jan 17, 2018
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Ljubljana
    cPanel Access Level:
    Root Administrator
    How is calculated "password strenght"?

    I've just experienced that, if you enter for test@myowndomain.com a password like myowndomain97 , system evaluate to it a strength of 96 ... :-O
    But myowndomain97 (all lowercase!) is a trivial password, and would resist few minutes to a brute force...
     
  5. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,743
    Likes Received:
    110
    Trophy Points:
    343
    cPanel Access Level:
    Root Administrator
    Strongest password on earth will be useless if the computer or device that is using it is infected with malware or a keylogger that is stealing that information.

    This is why you (or the person who keeps getting compromised) has to figure out HOW the compromise is happening. Yes that's hard to do. No it's not as easy as clicking a few buttons. But it doesn't mean it should just be ignored.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice