The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

HELP stop these spammers

Discussion in 'General Discussion' started by techark, Nov 21, 2002.

  1. techark

    techark Well-Known Member

    May 22, 2002
    Likes Received:
    Trophy Points:
    Somehow these spammers have found a hole in all my cpanel servers.
    I have customer that is getting all kinds of bounced email returned to her account when I grep exim_mainlog I found these guys.

    I then started null routing the IP addresses but they come back with more IP addresses then I started checking all my servers and there are entries from thee guys in all my cpanel servers.

    Antirelyd is running I have checked all the obvious things and is not on the accounts they are using to spam from and I can't find any scripts any of these sites have in common.

    So does cpanel have a hole? Anybody else see these in their logs?

    How can I null route these entire domains or a range of IP's?

    2002-11-21 04:57:17 18Eo5F-0007bj-00 &= [] P=smtp S=4737

    2002-11-20 19:26:06 18EfAT-0000QP-00 &= [] P=smtp S=7170 id=2011020004

    2002-11-20 17:47:59 18EddX-0006qr-00 &=* [] P=esmtp S

Share This Page