Early detection and prevention for systems admins
Hello all. This is my first post so go easy on me :) Recently our mail server was compromised and was sending out thousands of emails. I hardened the security settings per cPanel documentation. As an IT Security analyst, I found it very difficult to monitor activity without checking logs or going into the WHM. I think it would be extremely useful for an early detection system to notify systems admins of irregular activity.
My proposal is a cron job that runs through the mail queue manager and sends email reports when there is a large number of emails ready to go out that have not been delivered yet due to security restrictions.
The cron job should also go through the mail delivery reports and show deferrals and failures so we can notify our users accordingly.
Would love to know how this is possible as I believe it would be a great tool for all admins to combat spam and any compromised servers. Looking forward to your assistance / thoughts. Thank you!
-
Hello :) Feel free to submit a feature request for this via: Submit A Feature Request. Or, vote and add feedback to the following feature request: Notifications when users reach their mail sending limits | cPanel Feature Requests (http://features.cpanel.net/responses/as-a-server-administrator-i-want-to-be-notified-me-when-users-reach-their-mail-sending-limits-so-that-i-can-take-swifter-action-against-possible-spammers) Thank you.
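
One way to implement the queue check proposed in the first post, as an added example that is not from the thread or from cPanel. It assumes the server's MTA is Exim (cPanel's default) and parses `exim -bp` output; the function names, the sample queue and the threshold value are constructed for illustration.

```sh
#!/bin/sh
# Added example: per-sender count of messages waiting in the Exim queue.
# Assumption: the MTA is Exim (cPanel default); THRESHOLD is a site choice.
THRESHOLD=${THRESHOLD:-100}

# Constructed sample in `exim -bp` layout, for testing without a live queue.
sample_queue() {
cat <<'EOF'
 3h  1.1K 1tAAAA-0001aa-1A <webform@example.com>
          a@example.net

 3h  1.1K 1tAAAB-0001ab-2B <webform@example.com>
          b@example.net

 2h  1.1K 1tAAAC-0001ac-3C <webform@example.com>
          c@example.net

 2h  1.2K 1tAAAD-0001ad-4D <webform@example.com>
        D d@example.net
          e@example.net

 9m  4.0K 1tAAAE-0001ae-5E <bob@example.org>
          f@example.net

 1d  2.3K 1tAAAF-0001af-6F <> *** frozen ***
          webform@example.com
EOF
}

# Read `exim -bp` text on stdin; print "<count> <sender>", busiest first.
# A header line is: age size message-id <sender> [*** frozen ***]
count_by_sender() {
  awk '$3 ~ /^[0-9A-Za-z]+-[0-9A-Za-z]+-[0-9A-Za-z]+$/ && $4 ~ /^<.*>$/ {
         s = ($4 == "<>") ? "<bounce>" : $4   # null sender = bounce message
         n[s]++
       }
       END { for (s in n) print n[s], s }' | sort -rn
}

# Keep only senders with at least $1 queued messages.
suspects() { count_by_sender | awk -v t="$1" '$1 >= t'; }

# Cron entry point: silent when nothing crosses the threshold, so cron
# (which mails any job output to MAILTO) only sends a report on an alert.
if [ "${1:-}" = "--run" ]; then
  exim -bp | suspects "$THRESHOLD"
fi
```

Run from cron with the `--run` argument; a sudden pile-up under one envelope sender is the signal to look at that account. The deferral and failure reporting from the delivery reports is not covered by this example.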