The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

got a user that's having problems with spam mail sent from his account

Discussion in 'E-mail Discussions' started by Hedloff, Aug 6, 2004.

  1. Hedloff

    Hedloff Well-Known Member

    Joined:
    Jun 7, 2004
    Messages:
    98
    Likes Received:
    2
    Trophy Points:
    8
    **************
     
    #1 Hedloff, Aug 6, 2004
    Last edited: Aug 20, 2004
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    1. Are you seeing bounce messages (i.e. a spam/virus is using their email address in the email header) or are they the original messages coming from your server?

    2. You need to establish whether the emails are being generated locally (e.g. through a script) or remotely (someone has gained access to their account)

    3. If they're being generated locally on your server, then that use most likely has a vulnerable CGI or PHP script in their account
     
  3. Hedloff

    Hedloff Well-Known Member

    Joined:
    Jun 7, 2004
    Messages:
    98
    Likes Received:
    2
    Trophy Points:
    8
    The user have changed all password that is possible to change.
    And there are no cgi/php scripts that i can find locally on the server, so i'm kind of stuck here.

    How can i find out if he's bounceing the messages?
    Before it was sending like 2000mails each day, now it's about 150mails.
     
Loading...

Share This Page