The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Spammers send emails from our Server with nonexistent email accounts

Discussion in 'E-mail Discussions' started by Fatih Aytekin, Aug 10, 2015.

  1. Fatih Aytekin

    Fatih Aytekin Registered

    Joined:
    Jul 23, 2015
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Turkey
    cPanel Access Level:
    Website Owner
    Hi,

    Today, we noticed that our several IPs were added to some blacklists. We changed the outgoing IP and when we looked at Mail Queue Manager we noticed that some spammers are sending spam emails from our server with nonexistent accounts.

    This spam action is still in progress. How can they send emails from nonexistent accounts with success? How can we stop this attack?

    We will be appreciated if you help us for the issue.

    Best Regards
    Fatih Ayetkin
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Do you notice any additional information when viewing the message headers of these SPAM messages? What entries do you see for these messages in /var/log/exim_mainlog? This command will help determine which directory the messages are coming from if the SPAM messages are sent through PHP:

    Code:
    awk '/cwd=\/home\// {print $3}' /var/log/exim_mainlog|sort|uniq -c|sort -n
    Thank you.
     
Loading...

Share This Page