Richard G
Verified User
Is there a way to discover which script is sending spam?
On a cpanel server I can always see it in the headers of mails which are returned.
I always thought this could also be done by adding these lines to exim.conf log_selector:
Seems though our server ip is suddenly on the abuseat blacklist because according to the info the server is infected with cryptphp malware or another spambot.
I can 't see anything in the mailqueue's though. Maldet is running but takes forever to scan the whole server.
Is there another way so the sending script will get mentioned in the mailheader somewhere?
On a cpanel server I can always see it in the headers of mails which are returned.
I always thought this could also be done by adding these lines to exim.conf log_selector:
Code:
+connection_reject \
+address_rewrite \
+all_parents \
+arguments \
Seems though our server ip is suddenly on the abuseat blacklist because according to the info the server is infected with cryptphp malware or another spambot.
I can 't see anything in the mailqueue's though. Maldet is running but takes forever to scan the whole server.
Is there another way so the sending script will get mentioned in the mailheader somewhere?