Find spam script location with Exim - VPS / Dedicated Server

In the steps below I'll show how to locate the top scripts on your server sending mail. If any scripts look suspicious, you can check the Apache access logs to find how a spammer might be using your scripts send spam.

To follow the steps below you'll need root access to your server, so you have access to the Exim mail log.

For cPanel Server :

grep cwd /var/log/exim_mainlog | grep -v /var/spool | awk -F"cwd=" '{print $2}' | awk '{print $1}' | sort | uniq -c | sort -n

For Other Server :

grep cwd /var/log/exim/main.log | grep -v /var/spool | awk -F"cwd=" '{print $2}' | awk '{print $1}' | sort | uniq -c | sort -n

Was this answer helpful?

 Print this Article

Also Read

How do I backup my entire site in cPanel?

Entire accounts can be backed up by doing the following: Go to 'backup', under the 'Site...

Webamail Access

How to log into webmail Webmail is a great feature offered by cPanel. You can access email from...

MySQL database not showing in cPanel

If database is not showing in cpanel, make sure database exists in the server. If it exists, make...

cPanel addon domain creation: ‘The domain already exists in the Apache configuration.’

Scenario: We might get an error when adding an addon or parked domain via cPanel. The domain...

Unable to see my website

We have sometime receive clients complain of server not reachable, while their IP are blocked by...