The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Spam emails | 65000 in a day.

Discussion in 'Security' started by chetanmadaan, Apr 4, 2013.

  1. chetanmadaan

    chetanmadaan Member

    Joined:
    Jun 18, 2010
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    Hi -

    one of the cpanel accounts on our WHM server was probably compromised and we were hacked... the hacker almost sent a lot of emails to all different email addresses and we got blocked by some major providers (i.e. Gmail).

    Normally, our host would report this to us... but they didn't and now that we are blocked we have to find a solution our-self.

    Is there a way in Cpanel that we can monitor what script is/was generating all these emails?
    Is there a way to disable the mail server on a cpanel account??
    Is there a way to set an alert if more than X number of emails are sent at one?



    P.S. we are on a Dedicated server :)
     
  2. alphawolf50

    alphawolf50 Well-Known Member

    Joined:
    Apr 28, 2011
    Messages:
    186
    Likes Received:
    2
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    For the alerts, this is what you're looking for:

    ConfigServer Security & Firewall

    • It will send alerts when an account sends X emails per hour
    • Alerts when it sees suspicious activity from scripts.
    • About a million other things it can do to help secure your server.
     
  3. georgeb

    georgeb Well-Known Member

    Joined:
    May 23, 2010
    Messages:
    48
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    Montreal, QC, Canada
    cPanel Access Level:
    Root Administrator
    You are 100% right. You have to check if the server is compromised at root level, if yes it is useless the rest.

    Regards
     
Loading...

Share This Page