Getting emails (SPAM) from another server through PHP script

Michaelit

Well-Known Member
Aug 5, 2015
82
9
58
Greece
cPanel Access Level
Root Administrator
Dear cPanel members i need your advice for an important issue i face the last days.

I have found that a PHP script hosted on an external Server send from [email protected]* where MYDOMAIN.TLD is a domain of mine hosted on my cPanel Server.

So From [email protected] sender to [email protected] recipient ask users to visit a link and apply cPanel credentials. Please check the attached file.

I have blocked the IP of the server where the script is hosted however i would like to avoid sending messages from domains hosted on my server.


CSF + Centos 7.x + cPanel latest version.
[email protected] is a non existed account.
 

Attachments

Last edited by a moderator:

ankeshanand

Well-Known Member
Mar 29, 2021
99
30
18
India
cPanel Access Level
Root Administrator
PHPmail function cannot be stopped but for making your Email Server genuine, Add SPF, DKIM and DMARC Records in DNS of your Domain. After that, All the mails sent in the name of your domain not related to the IP Address you mentioned in records will go into SPAM and only the Emails you send from your server would be delivered to Inbox. You can also submit a Greylist Report on Online Blacklist Managements for the Abuser IP Address or can make a Takedown request on abuser IP Address with the Mentioning of "spam/scam messages"
 

Michaelit

Well-Known Member
Aug 5, 2015
82
9
58
Greece
cPanel Access Level
Root Administrator
Dear @ankeshanand,
i have already implemented SPF, DKIM and DMARC recorder in DNS however i received such mails.

You can also submit a Greylist Report on Online Blacklist Managements for the Abuser IP Address or can make a Takedown request on abuser IP Address with the Mentioning of "spam/scam messages"
Can you please give me more information about how i could apply such info and where?
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
6,092
780
313
cPanel Access Level
Root Administrator
Reporting the user as mentioned is really the only thing you can try to help stop this activity. It's very easy to fake "from" addresses to spoof emails, so there isn't a way to permanently stop this type of behavior, but sending in that report will at least be a start.
 

Michaelit

Well-Known Member
Aug 5, 2015
82
9
58
Greece
cPanel Access Level
Root Administrator
Thank you for your replies.
So i guess there is no an option where i could stop the process of being sent an email message as my own email account through PHP script.