The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SMTP Restriction, SPAM Attacks

Discussion in 'E-mail Discussions' started by tmssyed, Aug 17, 2015.

  1. tmssyed

    tmssyed Registered

    Joined:
    Apr 16, 2015
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Saudia Arabia
    cPanel Access Level:
    Root Administrator
    I have recently disable "SMTP Restrictions".

    Problem is that now there is various attack from spammers.

    My server is sending spam email from a domain.

    these users doesn't have any email accounts either in the cpanel , still they are originating from my server.

    Event: success
    Sender User: domain-name
    Sender Domain: domain-name
    Sender: megan_parsons@domain-name ( this user doesn't exist in mail accounts )
    Sent Time: Aug 17, 2015 10:42:10 AM
    Sender Host: localhost
    Sender IP: 127.0.0.1
    Authentication: localuser


    Is the website compromised or my server ?

    Please advice for protection against these act .

    P.S i already have LFD
     
    #1 tmssyed, Aug 17, 2015
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,316
    Likes Received:
    45
    Trophy Points:
    28
    Location:
    India
    cPanel Access Level:
    Root Administrator
    I think your website is sending mail through php mail function. May be your account compromised and due to that your site is sending all these mails. I will suggest you please update your web scripts to latest version and delete all unwanted files from your account.
     
    #2 24x7server, Aug 17, 2015
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    35,657
    Likes Received:
    1,138
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    The following command can help determine which account has the most email originating from it:

    Code:
    awk '/cwd=\/home\// {print $3}' /var/log/exim_mainlog|sort|uniq -c|sort -n
    The command checks /var/log/exim_mainlog for the paths of scripts in the /home directory that are sending emails, and then sorts them from highest to lowest, based on the number of emails found in the log from that path.

    Thank you.
     
    #3 cPanelMichael, Aug 17, 2015
(You must log in or sign up to post here.)
Loading...
Similar Threads - SMTP Restriction SPAM
  1. team_dale

    newsletters through mandrill but everything else through smtp restrictions

    team_dale, Dec 21, 2015, in forum: E-mail Discussions
    Replies:
    1
    Views:
    352
    cPanelMichael
    Dec 22, 2015
  2. Neutrall

    Clarification concernin SMTP Restrictions

    Neutrall, Oct 28, 2015, in forum: E-mail Discussions
    Replies:
    1
    Views:
    460
    cPanelMichael
    Nov 2, 2015
  3. Mehrdad Tari

    cannot send mail via smtp

    Mehrdad Tari, Jun 25, 2017 at 2:51 AM, in forum: E-mail Discussions
    Replies:
    2
    Views:
    43
    cPanelMichael
    Jun 26, 2017 at 10:45 AM
  4. Leonardo Peixoto

    Erro SMTP: [550] SMTP disable for leonardo contact suport

    Leonardo Peixoto, Jun 13, 2017, in forum: E-mail Discussions
    Replies:
    1
    Views:
    39
    cPanelMichael
    Jun 13, 2017
  5. Webdew

    Wrong SSL certificate returned on SMTP TLS connections

    Webdew, Jun 12, 2017, in forum: Security
    Replies:
    1
    Views:
    54
    cPanelMichael
    Jun 13, 2017

Share This Page