Skip to main content

How to immediately stop spam users

Comments

5 comments

  • Infopro
    You might find the email sitting in the queue: WebHost Manager "Email "Mail Queue Manager Mail Queue Manager - Version 68 Documentation - cPanel Documentation
    0
  • sparek-3
    If they are using SMTP Authentication to send out these messages, then Exim may be relying on a Dovecot cache since it uses Dovecot for the authentication part. Make sure you are restarting Dovecot (and for good measure, I'd restart Exim too) after changing the passwords to see if that has any affect. That should clear out any cache that these systems are using. I have noticed something similar in the past with this and this helped me.
    0
  • Ruiz
    You might find the email sitting in the queue: WebHost Manager "Email "Mail Queue Manager
    0
  • cPanelMichael
    Hello, Could you open a support ticket using the link in my signature so we can take a closer look to see what's happening? Thank you.
    0
  • sparek-3
    If you know what email account is being used, I would tail the exim_mainlog after you reset the password and clear the dovecot cache and see if the perpetrator is still sending out mail using the SMTP authentication credentials tail -f /var/logs/exim_mainlog | grep '%emailaccount%' I suppose the %emailaccount% could be [plain]user@example.tld[/plain] or [plain]user+example.tld[/plain] or perhaps something else, so you'd have to know what they are using
    0

Please sign in to leave a comment.