I have an issue to ask here. My server (Cpanel) are used to send spams after finding out from my mail queue that a mass-mailing script was installed and the script are able to spoof the sender (from) as another e-mail. The e-mail sent does not have any detailed header.
I want to know what is the ideal solution that can be done to prevent users from using my server to send out spams.
I have a lot of users, most of them have form-mails on their website and uses them for legit purpose (sending e-mail as 'nobody' to a specified address) such as enquiry form. I do not want this script to stop working just because I apply something very aggresive.
Secondly, can anyone suggest the best way to make my exim mail server write the full path to account or script or something like X-Abuse or anything so that I am able to trace down there is the spam email coming from by just reading the header when I receive an abuse complaint.
I just need a good solution (not too aggresive) to stop users from sending spams by using email or script..
which is a firewall / security checker for things like emailing you if over 50 emails have been sent out from an account, which account, and the exact file location.
When I first started using it, I had to remove my old firewall and use their setup. But it is a pretty good setup. Give it a try, it is a CPanel add-on. If you do not like it , you can just remove the plugin.
You can't really "stop" spam (outgoing). If the user has a valid account, then they're going to end up being able to send out mail. Limiting the amount of mail a user sends out will end up limiting your customer options, because individual mail needs DO vary.
There ARE a couple of php hacks out there that will tell you where the spam came FROM, however, as well as one that will stop multi-bcc's in php forms. Most likely this is what you're looking for.
WHMCS Guru - WHMCS addons, management, support and more. WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
Linux Problems? WHMCS Issues? +1-866-546-8914 (linux-14) or @whmcsguru on twitter!