The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SPAM coming from our server?

Discussion in 'General Discussion' started by coalescefl, Oct 17, 2006.

  1. coalescefl

    coalescefl Member

    Joined:
    Aug 16, 2005
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    Recently I've noticed a spike in SPAM coming into our mailboxes. Checking the Mail statistics in WHM, one of our clients has a massive spike in outgoing mail coming from their domain.

    Is it possible that maybe a client downloaded a worm or something that somehow is sending E-mail to all the E-mail accounts on our server?

    Also is there a way to view all the outgoing messages from the server?

    Thank you !!!
     
  2. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    tail -f /var/log/exim_mainlog

    if you want to view what a specific user has been sending or receiving


    grep username /var/log/exim_mainlog
     
  3. coalescefl

    coalescefl Member

    Joined:
    Aug 16, 2005
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    thanks dalem, I'll give this shot!
     
  4. Ferdinant

    Ferdinant Active Member
    PartnerNOC

    Joined:
    Mar 1, 2005
    Messages:
    34
    Likes Received:
    0
    Trophy Points:
    6
    We did installed the php mail header patch. This gives you the ability to track down the location of the sending script if spam has been send by a vulnerable mail(form) script.

    You can find the patch here

    Hope that helps...
     
  5. Rafaelfpviana

    Rafaelfpviana Well-Known Member

    Joined:
    Mar 12, 2004
    Messages:
    142
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Brazil
    Now that looks interesting, i'm going to check that out.

    Thanks for the tip
     
Loading...

Share This Page