Random Email Accounts Appearing

atlantishd

Registered
Jul 16, 2010
4
0
51
Hi,
I am not sure if this is an email or security issue but I thought I would start with email.
I run a server with around 28 sites, mostly running Joomla 2.5 but a few with the old 1.5 which are being upgraded.
I went to add a new email account to a client’s account today and noticed several random accounts had already been created. The client has not added them, and I have not. I have checked the other users on the server and it seems that a lot of the sites have these random accounts. I thought it was due to Joomla 1.5 being insecure now, but some of these clients are not even running a CMS?

Server details:
Centos 6.4
WHM 11.38.2 (build 3)


Any thoughts please would be very much appreciated.
Thanks,

Tim
 

Rhuan

Active Member
Nov 10, 2010
43
0
56
Brazil
cPanel Access Level
Root Administrator
Hi :)

Your computer or your client's is infected. To create mail accounts we need to access cPanel; if this is due to Joomla, the cracker/hacker can deface your site or inject files...

Please reinstall your OS and change all passwords (the same for your client)...
 

atlantishd

Thanks for the reply. Due to the server being very outdated I am moving to a new server anyway. I did have an issue a few months ago when clamd failed, but that was fixed. I can only assume that these are a result of that issue. I plan to use cPanel backups and restore to move clients to the new server. I will check all accounts' files first, but if I find nothing, can I assume this issue should not follow?

Thanks

Tim
 

atlantishd

Sorry, just to add, these email accounts appear to be on every single user account on the server. Root has no access to users' cPanels, csf is installed, the SSH port is non-standard and all clients' passwords are cPanel-generated ones that score no less than 95.

Is there an area I should be focusing on where this could have happened?

Thanks again

Tim
 

Infopro

Well-Known Member
May 20, 2003
17,075
524
613
Pennsylvania
cPanel Access Level
Root Administrator
"Root has no access to users' cPanels"
root has access to everything. Just because the option to enter a user's cPanel via WHM is disabled does not stop root from having access to the account. root has access to the entire server.

If you're unsure of the way forward, you might like to know about the cPanel Application Catalog where there are listings for SysAdmin services:
cPanel App Catalog