My server is sending the spam email and I am not able to find out which script is sending them.
The emails were all from nobody@myhost so disabled from the cpanel that nobody should not be allowed to send emails
Now at least they are not going out, I keep receiving them. This is mail I get:
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed
How to find which script on my server is sending spam emails
Moderator: Staff
cPanel Server Management
@ 30$ Onwards
@ 30$ Onwards
Re: How to find which script on my server is sending spam emails
Log into your server via root. Type the below command if exim is installed on your server
grep "cwd" /var/log/exim_mainlog
OR
tail -n 2000 "cwd" /var/log/exim_mainlog
cwd = current working directory. This is the directory from which the email is sent so you can easily find out the infected script in that directory.
If spamming occurred sometime in the past you can try the below command.
zgrep "cwd" /var/log/exim_mainlog-*.gz
>> A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed
There will be an error code/error message below this line. Check the exact error in the bounce back mail and troubleshoot accordingly.
If there was spamming then your IP might be blacklisted in spam databases and that might be the reason why the email bounced back.
Martin
Support Staff
Nixtree Solutions
Managed Backups || Server Management
https://www.nixtree.com
grep "cwd" /var/log/exim_mainlog
OR
tail -n 2000 "cwd" /var/log/exim_mainlog
cwd = current working directory. This is the directory from which the email is sent so you can easily find out the infected script in that directory.
If spamming occurred sometime in the past you can try the below command.
zgrep "cwd" /var/log/exim_mainlog-*.gz
>> A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed
There will be an error code/error message below this line. Check the exact error in the bounce back mail and troubleshoot accordingly.
If there was spamming then your IP might be blacklisted in spam databases and that might be the reason why the email bounced back.
Martin
Support Staff
Nixtree Solutions
Managed Backups || Server Management
https://www.nixtree.com