The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How can I find out if my server is sending spam?

Discussion in 'E-mail Discussions' started by ameran, Jan 31, 2016.

Tags:
  1. ameran

    ameran Member

    Joined:
    Jan 31, 2016
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    cPanel Access Level:
    Website Owner
    Hi,
    I run 2 websites on a VPS. I was told by my hosting service that my server has been sending spams. They deactivated my account till I fix the problem. Because I personally have no idea, how to fix the issue, I got SiteLock service and also cPanel Service Package from ConfigServer Services, where they configured my server to be more secure. Anyway, after all these, my hosting service finally activated my server and I could have my websites online.

    Now, my question is, how can I find out, if my server isn't sending spams anymore? and how can I find out if my server is really secure after all these?

    I really appreciate all your comments and advises.

    Thanks,
    ameran
     
  2. SysSachin

    SysSachin Well-Known Member

    Joined:
    Aug 23, 2015
    Messages:
    324
    Likes Received:
    24
    Trophy Points:
    18
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    Check if there are any scripts that are sending spam mail from any account. Login to server and run below command.

    awk '$3 ~ /^cwd/{print $3}' /var/log/exim_mainlog | sort | uniq -c | sed "s|^ *||g" | sort -nr
     
  3. ameran

    ameran Member

    Joined:
    Jan 31, 2016
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    cPanel Access Level:
    Website Owner
    SysSachin,
    I juts ran the command you provided and this is what I got. What does all these mean and do I need to do anything? Note: I have only one email account on the entire server.

    77 cwd=/var/spool/exim
    15 cwd=/
    8 cwd=/var/spool/MailScanner/incoming/12720
    8 cwd=/root
    5 cwd=/var/spool/MailScanner/incoming/18314
    4 cwd=/var/spool/MailScanner/incoming/31143
    4 cwd=/var/spool/MailScanner/incoming/28026
    4 cwd=/var/spool/MailScanner/incoming/21004
    4 cwd=/var/spool/MailScanner/incoming/1280
    4 cwd=/usr/local/cpanel/whostmgr/docroot
    3 cwd=/var/spool/MailScanner/incoming/6900
    3 cwd=/var/spool/MailScanner/incoming/1200
    3 cwd=/var/spool/exim_incoming
    2 cwd=/var/spool/MailScanner/incoming/9687
    2 cwd=/var/spool/MailScanner/incoming/3632
    2 cwd=/var/spool/MailScanner/incoming/21995
    2 cwd=/var/spool/MailScanner/incoming/15818
    2 cwd=/var/spool/MailScanner/incoming/12615
    1 cwd=/var/spool/MailScanner/incoming/9798
    1 cwd=/var/spool/MailScanner/incoming/12798
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,760
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  5. ameran

    ameran Member

    Joined:
    Jan 31, 2016
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    cPanel Access Level:
    Website Owner
    cPanelMichael,
    Thank you for your post. I followed all steps in that document and turned on all recommended settings.

    Thanks,
    ameran
     
Loading...

Share This Page