Sending spam from my vps

smeko

• February 26, 2020 04:49

Hello, I am administrating a vps server with only one account. From this account are generating too many spams where username which is sending spam does not exist in my email accounts list and it is different every time, it is a fake username. I checked mail queue manager and there are sending thousands of spams from different fake address using my domain. How can i resolve this problem ?

• 

  em.ci

  • February 26, 2020 15:09

  Can you provide more information? What do you see in the exim log? There can be many reasons: - Your website's contact form is being abused. - One of your mail accounts has been hacked and the spammers send mails with a fake sender. - spam script

  0
• 

  cPanelLauren

  • February 26, 2020 16:03

  Based on what you've said it sounds like you have a script sending spam. The following should give you a good idea of where the spam is originating from: grep cwd /var/log/exim_mainlog | grep -v /var/spool | awk -F"cwd=" '{print $2}' | awk '{print $1}' | sort | uniq -c | sort -n
  Once you find the directory it is originating from you can check the files within that directory. I'd also advise running a malware scan with something like imunify, maldet or ClamAV

  0

Please sign in to leave a comment.