Locate spam activity

Hi

I am new in WHM/cPanel and I have VPS (centOS) on which i host up-to-date Wordpress sites, with up-to-date licenced theme and plugins.

So I am total noob, with no money to pay for some system administrator or CSF i have to fight the potential spam by myself.

I know how to locate spam activity by subject with command:

Code:

 awk -F"T=\"" '/<=/ {print $2}' /var/log/exim_mainlog | cut -d\" -f1 | sort | uniq -c | sort -n 

or by looking what email account was logging in more often then others with command:

Code:

grep -Po '(?<=A=(dovecot|courier)_(login|plain):)[[:alnum:]-_+@.]+' /var/log/exim_mainlog | sort | uniq -c | sort -n | grep -v 'service__auth__exim'

by the most used mailing script's location:

Code:

grep cwd /var/log/exim_mainlog | grep -v /var/spool | awk -F"cwd=" '{print $2}' | awk '{print $1}' | sort | uniq -c | sort -n

Do you have some other method of finding spam activity? Thank you very much!

 

Thank you very much!