The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Trouble Shooting Spammers

Discussion in 'General Discussion' started by bmcpanel, Aug 3, 2003.

  1. bmcpanel

    bmcpanel Well-Known Member

    Jun 1, 2002
    Likes Received:
    Trophy Points:
    I am trying to find out why my server mail volume is so high. Just last night, I reconfigured PHP with PHPSUEXEC and I disabled the user "nobody" from sending email. But, I still see "root" as a sender of email, which I thought would stop with PHPSUEXEC AND SUEXEC.

    Top 50 local senders by volume
    1230 7020KB mailnull
    45 1202KB root
    126 59KB dapper
    19 18KB bsmc01ac
    25 14KB credoweb
    2 6478 cpanel
    7 5749 lotawa
    10 4953 michael2

    I then checked the mail stats in WHM and I see the following section. Why is local the target of so much incoming mail. Is someone spamming this server? Is there some way to find out who is sending email to local?

    Top 50 host destinations by message count

    3282 37MB local
    118 519KB
    94 384KB
    63 241KB
    56 350KB
    53 210KB
    52 356KB
    44 205KB
    43 1201KB
    41 69KB
    25 117KB
    25 110KB
    15 57KB
    13 52KB Support Ticket Number:
  2. anand

    anand Well-Known Member

    Nov 11, 2002
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    DataCenter Provider
    the local can be your incoming mails as well.

    Also what mail processes you see will be people using their mail clients to relay from your server.

    The best way to check how many mails are there in queue, you can check the queue from the WHM. This will give you an idea who is sending mails usually. Also incase there is a compromised script on your server which allows some spammer to connect to, you can also some to know about that from here from reading suspicious looking emails. Support Ticket Number:

Share This Page