Live Help

Email

Client portal

Finding the script that sends spam email

 September 2, 2015     0 Comments

If you are using cpanel, go a "tail -f /var/log/exim_mainlog | grep cwd" 

That will tell you what directory the files are sending mail from. If you are not using cpanel, it may be under /var/log/maillog



The code below will also tell you what is sending mail and how many times.

grep cwd /var/log/exim_mainlog | grep -v /var/spool | awk -F"cwd=" '{print $2}' | awk '{print $1}' | sort | uniq -c | sort -n

How helpful was this article to you?

cPanel Partner NOC