Sending mail from domain, how to stop it

lab35

Let me start by saying I'm new to DirectAdmin, so I might be missing something:

I got an email this morning about a server exceeding a send limit; it sent 20.000+ emails. I've checked the messages, it's getting more each day, and it's being sent daily:

Warning: 21005 emails have been sent yesterday by hfadmin Today at 00:10
Warning: 16479 emails have been sent yesterday by hfadmin 08/25/2013
Warning: 13305 emails have been sent yesterday by hfadmin 08/24/2013
Warning: 8663 emails have been sent yesterday by hfadmin 08/23/2013

I've found an 'email usage' page; it's sending from random senders with the same domain name. The usernames (the part before @) are non-existent and there are a lot of them, so locking them by hand isn't an option.

I've tried checking some /tmp directories, and a process list, and 'ps afx' to find weird activities, but I don't see anything.

My employer usually does these kinds of things, my knowledge is limited in this category, could someone give me a push in the right direction?
 
Additional info

It might help if I add that the path given by the logs is '/', not to a script.
 
found it

Turns out it was a WordPress bug. Some file had code that normal people don't use. A string, reversed, base64_encoded, with base64 encodings within, getting eval'ed.

Thanks for the help though
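
A way to hunt for the kind of file described in the last post (a reversed, base64-encoded string passed to eval), as an added example that is not part of the original thread. The indicator set, function names and sample files are assumptions constructed for illustration; the embedded payload decodes to a harmless comment.

```python
import base64
import re
import tempfile
from pathlib import Path

# Heuristic indicators (assumed for this example, not a signature of one malware family).
INDICATORS = {
    "eval": re.compile(r"\beval\s*\(", re.I),
    "base64_decode": re.compile(r"base64_decode", re.I),
    "reversed_base64_decode": re.compile(r"edoced_46esab", re.I),  # name hidden by reversal
    "strrev": re.compile(r"\bstrrev\s*\(", re.I),
    "long_base64_literal": re.compile(r"['\"][A-Za-z0-9+/=]{200,}['\"]"),
}
DECODERS = {"base64_decode", "reversed_base64_decode", "strrev"}

def score_source(text):
    """Return the sorted names of all indicators found in PHP source text."""
    return sorted(name for name, rx in INDICATORS.items() if rx.search(text))

def is_suspicious(hits):
    """Suspicious = executes a string (eval) and also decodes or reverses one."""
    return "eval" in hits and bool(DECODERS & set(hits))

def scan_tree(root):
    """Return {relative path: hits} for every suspicious .php file under root."""
    findings = {}
    for path in Path(root).rglob("*.php"):
        hits = score_source(path.read_text(errors="replace"))
        if is_suspicious(hits):
            findings[path.relative_to(root).as_posix()] = hits
    return findings

def build_sample_tree(root):
    """Write constructed sample files: two benign, one shaped like the post describes."""
    root = Path(root)
    (root / "plugin").mkdir()
    (root / "clean.php").write_text("<?php echo base64_encode('hello'); ?>")
    (root / "decode_only.php").write_text("<?php $d = base64_decode($_POST['img']); ?>")
    inert = base64.b64encode(b"// inert comment").decode()[::-1]  # reversed base64, harmless
    (root / "plugin" / "cache.php").write_text(
        "<?php eval(base64_decode(strrev('%s'))); ?>" % inert)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for name, hits in scan_tree(tmp).items():
            print(name, hits)
```

Pointing `scan_tree` at a site's document root gives a shortlist for manual review; legitimate plugins occasionally combine these calls, so a hit is a lead, not a verdict.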
 