Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SMTP Restriction, SPAM Attacks

Discussion in 'E-mail Discussion' started by tmssyed, Aug 17, 2015.

  1. tmssyed

    tmssyed Registered

    Joined:
    Apr 16, 2015
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Saudia Arabia
    cPanel Access Level:
    Root Administrator
    I have recently disable "SMTP Restrictions".

    Problem is that now there is various attack from spammers.

    My server is sending spam email from a domain.

    these users doesn't have any email accounts either in the cpanel , still they are originating from my server.

    Event: success
    Sender User: domain-name
    Sender Domain: domain-name
    Sender: megan_parsons@domain-name ( this user doesn't exist in mail accounts )
    Sent Time: Aug 17, 2015 10:42:10 AM
    Sender Host: localhost
    Sender IP: 127.0.0.1
    Authentication: localuser


    Is the website compromised or my server ?

    Please advice for protection against these act .

    P.S i already have LFD
     
    #1 tmssyed, Aug 17, 2015
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,888
    Likes Received:
    90
    Trophy Points:
    78
    Location:
    India
    cPanel Access Level:
    Root Administrator
    I think your website is sending mail through php mail function. May be your account compromised and due to that your site is sending all these mails. I will suggest you please update your web scripts to latest version and delete all unwanted files from your account.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 24x7server, Aug 17, 2015
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,197
    Likes Received:
    1,936
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    The following command can help determine which account has the most email originating from it:

    Code:
    awk '/cwd=\/home\// {print $3}' /var/log/exim_mainlog|sort|uniq -c|sort -n
    The command checks /var/log/exim_mainlog for the paths of scripts in the /home directory that are sending emails, and then sorts them from highest to lowest, based on the number of emails found in the log from that path.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 cPanelMichael, Aug 17, 2015
(You must log in or sign up to post here.)
Loading...
Similar Threads - SMTP Restriction SPAM
  1. Otávio Serra

    SMTP Restrictions disabled problems with spam list

    Otávio Serra, Jul 25, 2017, in forum: E-mail Discussion
    Replies:
    2
    Views:
    800
    Otávio Serra
    Jul 25, 2017
  2. pixelaté

    SOLVED SMTP Restrictions Disabled but Still Blocked

    pixelaté, Aug 14, 2018, in forum: Security
    Replies:
    4
    Views:
    211
    cPanelMichael
    Aug 16, 2018
  3. autobee09

    SMTP Restrictions Question

    autobee09, May 30, 2018, in forum: Discusión en Español
    Replies:
    1
    Views:
    456
    cPanelMichael
    May 30, 2018
  4. david364

    cPanel and LFD/CSF SMTP restrictions?

    david364, Mar 27, 2018, in forum: Security
    Replies:
    2
    Views:
    853
    cPanelMichael
    Mar 27, 2018
  5. Hymmm

    Email SMTP Entrance IP restriction

    Hymmm, Jan 29, 2018, in forum: E-mail Discussion
    Replies:
    3
    Views:
    261
    cPanelMichael
    Jan 31, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice