Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

How can I find out if my server is sending spam?

Discussion in 'E-mail Discussion' started by ameran, Jan 31, 2016.

Tags:
  1. ameran

    ameran Member

    Joined:
    Jan 31, 2016
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    cPanel Access Level:
    Website Owner
    Hi,
    I run 2 websites on a VPS. I was told by my hosting service that my server has been sending spams. They deactivated my account till I fix the problem. Because I personally have no idea, how to fix the issue, I got SiteLock service and also cPanel Service Package from ConfigServer Services, where they configured my server to be more secure. Anyway, after all these, my hosting service finally activated my server and I could have my websites online.

    Now, my question is, how can I find out, if my server isn't sending spams anymore? and how can I find out if my server is really secure after all these?

    I really appreciate all your comments and advises.

    Thanks,
    ameran
     
  2. SysSachin

    SysSachin Well-Known Member

    Joined:
    Aug 23, 2015
    Messages:
    604
    Likes Received:
    42
    Trophy Points:
    28
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    Check if there are any scripts that are sending spam mail from any account. Login to server and run below command.

    awk '$3 ~ /^cwd/{print $3}' /var/log/exim_mainlog | sort | uniq -c | sed "s|^ *||g" | sort -nr
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. ameran

    ameran Member

    Joined:
    Jan 31, 2016
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    cPanel Access Level:
    Website Owner
    SysSachin,
    I juts ran the command you provided and this is what I got. What does all these mean and do I need to do anything? Note: I have only one email account on the entire server.

    77 cwd=/var/spool/exim
    15 cwd=/
    8 cwd=/var/spool/MailScanner/incoming/12720
    8 cwd=/root
    5 cwd=/var/spool/MailScanner/incoming/18314
    4 cwd=/var/spool/MailScanner/incoming/31143
    4 cwd=/var/spool/MailScanner/incoming/28026
    4 cwd=/var/spool/MailScanner/incoming/21004
    4 cwd=/var/spool/MailScanner/incoming/1280
    4 cwd=/usr/local/cpanel/whostmgr/docroot
    3 cwd=/var/spool/MailScanner/incoming/6900
    3 cwd=/var/spool/MailScanner/incoming/1200
    3 cwd=/var/spool/exim_incoming
    2 cwd=/var/spool/MailScanner/incoming/9687
    2 cwd=/var/spool/MailScanner/incoming/3632
    2 cwd=/var/spool/MailScanner/incoming/21995
    2 cwd=/var/spool/MailScanner/incoming/15818
    2 cwd=/var/spool/MailScanner/incoming/12615
    1 cwd=/var/spool/MailScanner/incoming/9798
    1 cwd=/var/spool/MailScanner/incoming/12798
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,367
    Likes Received:
    1,857
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. ameran

    ameran Member

    Joined:
    Jan 31, 2016
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    USA
    cPanel Access Level:
    Website Owner
    cPanelMichael,
    Thank you for your post. I followed all steps in that document and turned on all recommended settings.

    Thanks,
    ameran
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice