Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Email spam sent through my server

Discussion in 'E-mail Discussion' started by tribulant, Jun 9, 2014.

  1. tribulant

    tribulant Member

    Joined:
    Mar 3, 2014
    Messages:
    12
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Website Owner
    Good day,

    Someone is sending spam through my server.

    This is the mail control data:

    Code:
    contrid 513 501
    <antonie@contrid.com>
    1402319735 0
    -ident contrid
    -received_protocol local
    -body_linecount 53
    -max_received_linelength 135
    -auth_id contrid
    -auth_sender contrid@tri.tribulant.org
    -allow_unqualified_recipient
    -allow_unqualified_sender
    -local
    -sender_set_untrusted
    XX
    1
    safefy-tubs@total-bathtub-deals.me
    I've changed the passwords on that account and for all it's mail accounts and that didn't work so I suspended it and that still didn't work so I have no idea how to stop it.

    Can someone give me some guidance, please?
     
  2. cPanelJared

    cPanelJared Technical Analyst

    Joined:
    Feb 25, 2010
    Messages:
    1,835
    Likes Received:
    21
    Trophy Points:
    143
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Restart Exim and the POP/IMAP service. That will cause the sender to need to authenticate again, which it should not be able to do since you changed the password and suspended the account.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. tribulant

    tribulant Member

    Joined:
    Mar 3, 2014
    Messages:
    12
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Website Owner
    Thanks, will try this now.

    Then, how can I prevent this completely?
    I want to unsuspend the account at some stage because I use it.
     
  4. tribulant

    tribulant Member

    Joined:
    Mar 3, 2014
    Messages:
    12
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    Website Owner
    It seems like this may have worked now.
    There used to be a new email in the queue every few minutes.

    I now changed the passwords again on the cPanel account and also on all the email accounts.
    I then restarted both Exim and Dovecot and no spam emails in the queue yet.

    So if the queue remains clean, it means someone got a hold of the username/password for one of my mailboxes.

    I'll post back here in a couple of hours to let you know.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice