Author Topic: huge number of emails being sent  (Read 2287 times)

0 Members and 1 Guest are viewing this topic.

Offline
**
huge number of emails being sent
« on: February 26, 2022, 07:46:29 AM »
A particular user is sending many emails as per mailserver stats.

This is not a regular emails. The actual emails hardly send few emails every week.

I see user@server email id sending many many emails.

How to identify the compromised program? Where can I see the logs

Offline
**
Re: huge number of emails being sent
« Reply #1 on: February 26, 2022, 01:00:41 PM »
The logs for the mails can be found here:

File Management -> CWP Log Viewer -> choose maillog

there you can see if the mails are sending from internal or if someone is connecting from external to send mails.

You should also check here: https://mxtoolbox.com/SuperTool.aspx -> select test Email Server to see if you are an open mail relay

Offline
*
Re: huge number of emails being sent
« Reply #2 on: February 27, 2022, 12:12:13 PM »
you should first check the maillog to see if you have hacked email account password or malware files
http://wiki.centos-webpanel.com/tracking-php-script-spam
VPS & Dedicated server provider with included FREE Managed support for CWP.
http://www.studio4host.com/

*** Don't allow that your server or website is down, choose hosting provider with included expert managed support for your CWP.

Offline
***
Re: huge number of emails being sent
« Reply #3 on: February 28, 2022, 01:24:27 PM »
A particular user is sending many emails as per mailserver stats.

This is not a regular emails. The actual emails hardly send few emails every week.

I see user@server email id sending many many emails.

How to identify the compromised program? Where can I see the logs

I'm getting the same thing in my email queue.  Messages from CSF LFD and cronjobs
Listen to everything Pixelpadre says.