Problems With Spam
I currently am overwhelm by spam email to /home/*****/mail/new coming from probably some spam script hidden in one of my many site. I set all my site Email Routing to Remote Mail Exchanger and delete all MX entry, putting firewall block on port 25 and I'm still getting them. Can I use the Default Address function and pipe them to some script to auto delete them somehow from Harddrive? Any expert who handles this before can give some advice? I just want them gone and never written to hard drive. Thanks.
-
Hi @charisma09 Ultimately you want to find out where the spam is originating from then you can identify how to remove it. If you think there's a script sending the mail running something like: grep cwd /var/log/exim_mainlog | grep -v /var/spool | awk -F"cwd=" '{print $2}' | awk '{print $1}' | sort | uniq -c | sort -n
Will show each directory in the exim logs mail was sent from and how many were sent. Let us know the output of this if you need any assistance. Thanks!0 -
Sorry for butting in but this is very interesting. @cPanelLauren, what is the time frame of that code...like all emails sent today, all week or what? 0 -
Sorry for butting in but this is very interesting. @cPanelLauren, what is the time frame of that code...like all emails sent today, all week or what?
It depends on how long it's been since the exim_mainlog was rotated. I've seen some folks that don't rotate theirs often so it'll go back pretty far but usually the log file is rotated every few days. Thanks!0 -
Ok, thank you very much! :) 0 -
You're very welcome @Skhilled44 0
Please sign in to leave a comment.
Comments
5 comments