In my VPS (cpanel/WHM) spam mail were sent by using perl scripts ( like darkmailer ) by hackers ,to stop this i have enabled SMTP_BLOCK option in CSF firewall ( by loading ipt_owner module).Eventhough i enabled SMTP_BLOCK option the spam mails were sent using perl script.I got the following alert from CSF :
Command Line (often faked in exploits):
/usr/bin/perl -w test.pl
Network connections by the process (if any):
tcp: xx.xx.xx.xx:60982 -> 22.214.171.124:25
The CSF does't stop the spam mails and so my VPS IP gets listed in email blacklists (like Backscatter.org,SORBS-SPAM),What can i do to stop these spams ?