Invalid user names sending email


Well-Known Member
Dec 13, 2006
After viewing some statistics I have come across the following.

In WHN -by viewing Email >> View Relayers I see that the server has been used to spam. I need to seal this up wherever it is coming from // whatever means they are using. Its happened under 200 times this month, but its happened nonetheless.

Someone has been able to push spam through the server using non-existing accounts -- which indicates they've purposely targetted this server for the activity. Whoever may have found us through a domain that was migrated to our new host as this was a target on the other server before we moved.

I already had the sendmail configured not to use "nobody" as a default user when no user was called --- sooooooo, this issue exceeds my skill level security wise.

Here is a list of the Invalid user names used and the amount sent through

username:" email sent: 119 bytes: 1913318
username: when email sent: 1 bytes: 1483
username: 50mg email sent: 1 bytes: 2834
username: \"FrUiTCaKeS\" email sent: 1 bytes: 3602
username: you" email sent: 1 bytes: 2225
username: Viagra email sent: 1 bytes: 2561
username: (ns2 server)" email sent: 1 bytes: 796
username: sale" email sent: 1 bytes: 3229

I would appreceiate any information, or a link to a post reguarding a fix for this hole in my securty dam.

Last edited:


Well-Known Member
Nov 27, 2006
Can you give some more information? What version of cpanel/whm are you using? Are you using the mail system that comes as part of cpanel? Are the emails that you are seeing for local accounts or spam that is going to other sites?