How to detect spam and take actions on a Linux WHM/cPanel server

June 5, 2024 / cPanel & WHM

This knowledge base provides a guide for detecting spamming on a Linux WHM/cPanel server and taking necessary actions to mitigate it using Exim and other commands.

Follow the steps-

  1. Checking Spamming-
    1. Log into Your WHM/cPanel Server by accessing it via SSH or a secure terminal.
    2. Check the Exim Mail Queue by using the following command to identify suspicious email activity:
      Identify email activity
    3. Identify Suspicious Emails by examining the queue for unusual email senders or patterns. Focus on emails with high volumes or abnormal content.
    4. Review Mail Logs by examining Exim mail logs for detailed information on email transactions and potential spam sources:
      Review Mail Logs
  2. Taking Action on Spamming-
    1. Identify the Abusive Sender by checking or removing email from mail queue for the sender responsible for spamming, focusing on the volume of sent emails.
    2. Suspend the Sender’s Account if the spammer is a user on your server by suspending their account via WHM/cPanel.
    3. Block the Sender’s IP Address by using server firewall rules to block the IP address of the abusive sender.
      For example:
      Block the Sender’s IP Address
    4. Remove Spam Emails from the Queue by deleting them from the Exim mail queue using the Exim command:
      Exim command
    5. Restart the Exim mail server to apply changes and ensure smooth operation.
      Restart the Exim mail server

This way, you can detect spam and take action on a Linux WHM/cPanel server. If you encounter any issues, feel free to contact our support staff.

Spread the love