The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Major Spam Problems

Discussion in 'General Discussion' started by ramagea, May 3, 2006.

  1. ramagea

    ramagea Member

    Joined:
    Aug 10, 2004
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Hi there,

    I am getting thousands of emails every day into my inbox, most are bounced from .com.br I had the same problem on my old server so I reinstalled and put on freebsd and copied the accounts back over but it is still happening.

    Ive looked everywhere and tried everything but I cant make it stop. Ps x shows lots of these running:

    90876 ?? S 0:00.00 /usr/local/sbin/exim -Mc 1FbQOd-000NdJ-AX (exim-4.61-1)
    90877 ?? Ss 0:00.04 /usr/local/sbin/exim -Mc 1FbQOd-000Ndh-Na (exim-4.61-1)
    90878 ?? S 0:00.00 /usr/local/sbin/exim -Mc 1FbQOd-000Ndc-I6 (exim-4.61-1)
    90879 ?? Rs 0:00.03 /usr/local/sbin/exim -Mc 1FbQOd-000Ndj-RN (exim-4.61-1)
    90882 ?? S 0:00.00 /usr/local/sbin/exim -Mc 1FbQOd-000Nde-KY (exim-4.61-1)
    90883 ?? S 0:00.05 /usr/local/sbin/exim -Mc 1FbQOd-000Nch-Eq (exim-4.61-1)
    90887 ?? S 0:00.00 /usr/local/sbin/exim -Mc 1FbQOd-000Nch-Eq (exim-4.61-1)
    90889 ?? S 0:00.00 /usr/local/sbin/exim -Mc 1FbQOd-000Nch-Eq (exim-4.61-1)

    Does anyone know what I can do or try?

    Thanks all.

    Al
     
  2. xerophyte

    xerophyte Well-Known Member

    Joined:
    Mar 16, 2003
    Messages:
    216
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Canada
    increase the exim log detail and find out where those emals orginate, seems like its orginate from your server, log file should give you which script its sending out and kill that script.

    if that from remote smtp server you might need to block those ips who is trying to send email to you .

    hope this help , you can increase exim log modifying the exim.conf using the WHM config editor log_selector = +arguments +delivery_size +subject

    which will give the command line which is used to send the email and subject of the message


    and you can filter for spam using solutions like mailscanner and many others
     
  3. ramagea

    ramagea Member

    Joined:
    Aug 10, 2004
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Hi there,

    Thanks for the reply, pardon my stupidness but I am not that great on cpanel. I cant find the WHM config editor.

    I get the feeling mail is being relayed through my server, is there anyway to check what user is sending out all this email. I am guessing it is nobody though through a script.
     
  4. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    Tracking down in-house spammers might take time. Afterr adding this code into your exim.conf:
    log_selector = +arguments +delivery_size +subject

    Run this command at the prompt: tail -f /var/log/exim_mainlog to see who's doing what.

    Unless you are comfortable with the cPanel/WHM and shell, otherwise you'll need professional help.
     
Loading...

Share This Page