The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WHM VPS abuse report from Datacenter - How to find which CPanel user is sending SPAM ?

Discussion in 'E-mail Discussions' started by crossing, Sep 21, 2014.

  1. crossing

    crossing Active Member

    Joined:
    Oct 23, 2012
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Reseller Owner
    I just got an email from Datacenter that my VPS IP is sending abuse emails, I have 50 CPanel clients within this VPS using the same IP, email send is limited to 200emails/hour , even so I just received this warning from Datacenter to solve the problem. How can I find which CPanel user is sending SPAM abuse emails ??

    If I don't solve this problem fast my VPS IP will be null routed :confused: and all 50 clients websites will be down.


    Thank you
     
    #1 crossing, Sep 21, 2014
    Last edited: Sep 21, 2014
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,146
    Likes Received:
    34
    Trophy Points:
    48
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello,

    I can see you do not have a root access to check the mails server logs, Please try to contact your hosting provider and ask them to check this.

    If you have root access, Please try with the following command. This command will show you directory path if your any domain is sending the mails through scripts.


    Code:
    awk '$3 ~ /^cwd/{print $3}' /var/log/exim_mainlog | sort | uniq -c | sed "s|^ *||g" | sort -nr

    Also check : https://documentation.cpanel.net/display/CKB/How+to+Prevent+Email+Abuse
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Please check to see if they can provide you with an example of an email that was sent out so you can review the message headers in order to determine the source of the message. You may also find the following documents helpful:

    Prevent Email Abuse
    Mail Limiting Features

    Thank you.
     
Loading...

Share This Page