Skip to main content

Viewing IP Logs

Comments

4 comments

  • quizknows
    I would check your email queue (exim) for suspect mail or to see if an account (email or cpanel account) or website is compromised. You can check /var/log/exim_mainlog but this is very labor intensive. It would be easier to check the mail queue manager in WHM but this can be quite slow if something is actually compromised and sending out spam. Do you have a managed hosting provider support who can help you? They deal with these types of things on a regular basis. I also recommend checking your main IP here : Email and SMTP reputation check it's a little known service but VERY useful because if you are spamming sometimes they can give you the headers so you can find the problem much easier.
    0
  • AllenH
    I do not expect we are compromised. We are leasing a VPS through Bluehost. I could probably get administrator help if something looks fishy. I just wanted to see if I could comply with AT&T's suggestion to check the IP traffic. I watch the Exim logs on a regular basis. Your suggestion sounds like a viable solution; I will just continue to watch them. Thank you very much for your kind help!
    0
  • cPanelMichael
    Hello :) In addition to the existing advice in this thread, you may also want to review the following document and ensure your server is configured properly: How to Keep your Email out of the Spam Folder - cPanel Knowledge Base - cPanel Documentation Thank you.
    0
  • quizknows
    I do not expect we are compromised. We are leasing a VPS through Bluehost. I could probably get administrator help if something looks fishy. I just wanted to see if I could comply with AT&T's suggestion to check the IP traffic. I watch the Exim logs on a regular basis. Your suggestion sounds like a viable solution; I will just continue to watch them. Thank you very much for your kind help!

    A lot of that comes down to how long you've had the server. If you just got it, it's possible the last person with that IP dirtied the reputation. If you have had the server a long time, and are just now having these issues, then the question of compromise becomes a lot more relevant. Best of luck :)
    0

Please sign in to leave a comment.