The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mail list script sending out spam and crashing server big style

Discussion in 'E-mail Discussions' started by draggle, Oct 19, 2006.

  1. draggle

    draggle Registered

    Oct 19, 2006
    Likes Received:
    Trophy Points:
    I had my account suspended by my web host because -
    "mail list script sending out spam and crashing server big style"

    They tell me that this was caused by some kind of highjacking of Mailman, which is installed under CPanel control. Of course they initially thought it must be me, but they did beleive me when it became clear that I don't have half the knowledge to do such a thing. They have kindly un-suspended my account, but I am aware that the same thing could happen again.

    They tell me I can inspect the CPanel logs to learn more about what happened.

    Which log do I look at and what can I learn?

    All the logs in CPanel seem to relate to web traffic rather than usage of my mailing lists.

    Any help gratefully received. Its tough being a newbie.

  2. rikgarner

    rikgarner Well-Known Member

    Mar 31, 2006
    Likes Received:
    Trophy Points:
    Hi Drag,
    Im afraid im not *terribly* familiar with Mailman, however, if the mail went through Exim, then you want to be taking a look at:


    SSH onto the server, and vi your way through the log. Depending on the level of logging enabled, it will show a varying degree of detail

    As I say, if the problem was caused by someone relaying through you (which is very bad exim config), then the exim mainlog is where its at. If it is a PHP script exploit, then i'm afraid that someone else will need to help :)

    I strongly recommend the ELS script over at servermonkeys:

    Also, If you head into "tweak settings" on your server, you can limit the number of emails a domain sends per hour. Also, under Exim Configuration Editor, "Verify the existance of email senders".
    If you still have problems, I suggest hiring a server admin to tighten things down for you.

    Rich :)

Share This Page