ruzbehraja

Well-Known Member
May 19, 2011
392
11
68
cPanel Access Level
Root Administrator
What type of mails are going out?

From the headers can you identify which account has been compromised?
It could be a compromised password or a compromised form on the website.

In WHM >> Tweak Settings do you have this option selected:
Prevent “nobody” from sending mail