The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SMTP Restriction, SPAM Attacks

Discussion in 'E-mail Discussions' started by tmssyed, Aug 17, 2015.

  1. tmssyed

    tmssyed Registered

    Joined:
    Apr 16, 2015
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Saudia Arabia
    cPanel Access Level:
    Root Administrator
    I have recently disable "SMTP Restrictions".

    Problem is that now there is various attack from spammers.

    My server is sending spam email from a domain.

    these users doesn't have any email accounts either in the cpanel , still they are originating from my server.

    Event: success
    Sender User: domain-name
    Sender Domain: domain-name
    Sender: megan_parsons@domain-name ( this user doesn't exist in mail accounts )
    Sent Time: Aug 17, 2015 10:42:10 AM
    Sender Host: localhost
    Sender IP: 127.0.0.1
    Authentication: localuser


    Is the website compromised or my server ?

    Please advice for protection against these act .

    P.S i already have LFD
     
    #1 tmssyed, Aug 17, 2015
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,400
    Likes Received:
    52
    Trophy Points:
    28
    Location:
    India
    cPanel Access Level:
    Root Administrator
    I think your website is sending mail through php mail function. May be your account compromised and due to that your site is sending all these mails. I will suggest you please update your web scripts to latest version and delete all unwanted files from your account.
     
    #2 24x7server, Aug 17, 2015
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,037
    Likes Received:
    1,278
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    The following command can help determine which account has the most email originating from it:

    Code:
    awk '/cwd=\/home\// {print $3}' /var/log/exim_mainlog|sort|uniq -c|sort -n
    The command checks /var/log/exim_mainlog for the paths of scripts in the /home directory that are sending emails, and then sorts them from highest to lowest, based on the number of emails found in the log from that path.

    Thank you.
     
    #3 cPanelMichael, Aug 17, 2015
(You must log in or sign up to post here.)
Loading...
Similar Threads - SMTP Restriction SPAM
  1. Otávio Serra

    SMTP Restrictions disabled problems with spam list

    Otávio Serra, Jul 25, 2017, in forum: E-mail Discussions
    Replies:
    2
    Views:
    100
    Otávio Serra
    Jul 25, 2017
  2. team_dale

    newsletters through mandrill but everything else through smtp restrictions

    team_dale, Dec 21, 2015, in forum: E-mail Discussions
    Replies:
    1
    Views:
    410
    cPanelMichael
    Dec 22, 2015
  3. Neutrall

    Clarification concernin SMTP Restrictions

    Neutrall, Oct 28, 2015, in forum: E-mail Discussions
    Replies:
    1
    Views:
    518
    cPanelMichael
    Nov 2, 2015
  4. chanklish

    Forbidding users from using another smtp server

    chanklish, Aug 17, 2017 at 10:29 AM, in forum: E-mail Discussions
    Replies:
    1
    Views:
    33
    cPanelMichael
    Aug 17, 2017 at 11:39 AM
  5. zubuz

    SOLVED Weird SMTP AUTH issue

    zubuz, Aug 4, 2017, in forum: E-mail Discussions
    Replies:
    5
    Views:
    96
    cPanelMichael
    Aug 8, 2017

Share This Page