How to find original php script of spamming ?

Posted: Wed Oct 25, 2017 11:52 am
by Spheerys
Hi,

Before discovering VestaCP, I was using the iscp-omega panel. It was using Postfix, and the mail queue was more precise than Exim: Postfix indicated the name of the path/file which sent the mail.

Exim is not verbose enough IMHO.
For example, "exim -Mvh 1e6yTR-0004iP-R6" just gives me a little information, but not the script used:

1e6yTR-0004iP-R6-H
Debian-exim 105 110
<>
1508848705 0
-ident Debian-exim
-received_protocol local
-body_linecount 59
-max_received_linelength 814
-allow_unqualified_recipient
-allow_unqualified_sender
-frozen 1508848706
-localerror
XX
1
[email protected]

155P Received: from Debian-exim by server.domain.net with local (Exim 4.84_2)
	id 1e6yTR-0004iP-R6
	for [email protected]; Tue, 24 Oct 2017 14:38:25 +0200
042  X-Failed-Recipients: [email protected]
029  Auto-Submitted: auto-replied
062F From: Mail Delivery System <[email protected]>
026T To: [email protected]
059  Subject: Mail delivery failed: returning message to sender
051I Message-Id: <[email protected]>
038  Date: Tue, 24 Oct 2017 14:38:25 +0200


I have found this page: http://www.sudosu.in/2013/02/exim-usefu ... in-of.html
But unfortunately, the third section (which talks about finding the original PHP files which are sending spam) is not working well under Debian.

Do you know if there is a way to make Exim more verbose, or to use a CLI command to find them all?

Re: How to find original php script of spamming ?

Posted: Wed Oct 25, 2017 11:54 am
by Spheerys
Whoops sorry, I have found this topic too late: http://forum.vestacp.com/viewtopic.php?f=12&t=13892
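
Added example, not part of the original posts: a shell sketch that reads the "exim -Mvh" format shown above and reports, per queued message, the submitting login and uid (line 2 of the spool header) plus the X-PHP-Originating-Script header when PHP added one. It assumes mail.add_x_header is enabled in php.ini and that exiqgrep is installed; the function names and the sample message are constructed for illustration.

```shell
#!/bin/sh
# Summarise one message from `exim -Mvh <id>` output on stdin.
# Prints: <login> <uid> <X-PHP-Originating-Script value, or "-">
spool_origin() {
    awk '
        NR == 2 { login = $1; uid = $2 }   # line 2: submitting login, uid, gid
        # Header lines: 3+ digit length, one flag char or space, one space, text.
        tolower($0) ~ /^[0-9][0-9][0-9]+[a-z* ] x-php-originating-script:/ {
            sub(/^[^:]*:[ \t]*/, "")       # drop everything up to the header colon
            if (script == "") script = $0  # keep the first occurrence only
        }
        END { print login, uid, (script == "" ? "-" : script) }
    '
}

# Tally the whole queue, most frequent origin first (needs exim and exiqgrep).
scan_queue() {
    exiqgrep -i | while read -r id; do
        exim -Mvh "$id" | spool_origin
    done | sort | uniq -c | sort -rn
}

# Constructed sample in the same layout as the output quoted in the post.
sample_mvh() {
    cat <<'EOF'
1aBcDe-000001-XY-H
www-data 33 33
<www-data@host.example>
1508848705 0
-ident www-data
-received_protocol local
-body_linecount 3
XX
1
someone@example.com

047  X-PHP-Originating-Script: 1001:mailer.php
028T To: someone@example.com
EOF
}

case "${1:-}" in
    --queue) scan_queue ;;                  # run against the live queue
    *)       sample_mvh | spool_origin ;;   # offline demo on the sample
esac
```

A message like the one quoted in the post (a locally generated bounce from Debian-exim) carries no PHP header, so it shows up with "-" in the last column.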