Where can I find IP logs?

stantaylor

Registered
Sep 4, 2014
3
0
1
cPanel Access Level
Root Administrator
AT&T blacklisted emails from us and I have successfully gotten them to unblock us. However, their message to me stated, "ADMINISTRATORS: Please thoroughly check your IP logs before requesting removal. You must determine that all traffic from the blocked IP is actually from your mail servers to ensure your network is not compromised." I have WHM access on my Bluehost site. I looked for IP logs, but could not find them. The only thing I really did was to delete the email account of one user who had an extremely high number of email messages.

I will greatly appreciate any help determining if our server has been compromised.
 

stantaylor

Registered
Sep 4, 2014
3
0
1
cPanel Access Level
Root Administrator
Thanks for the reply. I read the article, and most of the suggestions there were already implemented. I'm really new to WHM. Where do I find /var/log/exim_mainlog? I wonder if Bluehost gives me access to it.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,205
363
You must access your server via SSH and you can review logs using typical linux commands such as "cat" or "tail". Note that you will likely have a difficult time on the command line without Linux experience.

Thank you.