The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

how find files which is compromised

Discussion in 'E-mail Discussions' started by Cute_me, Aug 18, 2015.

  1. Cute_me

    Cute_me Member

    Joined:
    Mar 13, 2013
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi,

    I have shared server i have check from mail queue.one domain is sending involved in spam emails but i could not find where from emails sending.I have run Claim scan as well but not found anything.Will tell me through ssh which shell script should i run to find the way which files are involved in spam emails.
     
  2. Osama Tariq

    Osama Tariq Well-Known Member

    Joined:
    Nov 27, 2014
    Messages:
    187
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Lahore, Pakistan
    cPanel Access Level:
    Root Administrator
    Twitter:
    Determine which directory most the SPAM is coming from:

    awk '$3 ~ /^cwd/{print $3}' /var/log/exim_mainlog | sort | uniq -c | sed "s|^ *||g" | sort -nr
     
  3. waqas_websouls

    PartnerNOC

    Joined:
    Dec 9, 2014
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Use the following command to find the most used mailing script's location from the Exim maillog:

    grep cwd /var/log/exim_mainlog | grep -v /var/spool | awk -F"cwd=" '{print $2}' | awk '{print $1}' | sort | uniq -c | sort -n
     
  4. Cute_me

    Cute_me Member

    Joined:
    Mar 13, 2013
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thanks .I have done through maldet.
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    I'm happy to see you were able to address the issue. Thank you for updating us with the outcome.
     
Loading...

Share This Page