Email Account Compromised
I have a vps on which one of the accounts cPanel username/password was apparently hacked and spam emails were attempted - fortunately damage has been limited (I think) because the domain was limited to 1 email per hour. There has been no actual login to the domains cPanel - only email usage. After discovery I immediately changed the cPanel users password but that has not stopped attempted spam emails that are only going out at 1 per hour (pretty incredible you cant stop them completely). Because this is a non standard email user I cant simply delete an email address. I have tried most of the suggestions posted on this board for hacked email without success. My thinking is that the only thorough solution is to rebuild the domain (yuk) with another username - any thoughts or comments would be appreciated.
-
Hello :) Have you reviewed the email queue to see if the messages that are going out are simply from the queue? If so, you can search for and delete those messages to prevent the SPAM going sending out. Thank you. 0 -
Actually I have been watching the queue and deleting like crazy. Fortunately I found the script yesterday and deleted it so all has been quiet since. I do wish there was some mechanism to shut down email completely from a domain - because even at 1 mail per hour there were probably 1-2 days (24 - 48 emails) of spam that got delivered. Thanks 0 -
You may also want to vote and add feedback to the following feature request: [url=http://features.cpanel.net/responses/as-a-server-administrator-i-want-to-be-notified-me-when-users-reach-their-mail-sending-limits-so-that-i-can-take-swifter-action-against-possible-spammers]Notifications when users reach their mail sending limits | cPanel Feature Requests Thank you. 0
Please sign in to leave a comment.
Comments
4 comments