Welcome to WebmasterWorld Guest from 220.127.116.11 , register , login , search , subscribe , help , library , PubCon , announcements , recent posts , open posts Subscribe to WebmasterWorld
spammer on server, can't find the script Hammer65 msg:3971534 9:48 pm on Aug 13, 2009 (gmt 0) I have a cpanel server that apparently has a PHP script sending spam. There are quite a few accounts on the machine and I can't seem to find the script that is doing it. Any suggestions on how to track it down?
yz0rx msg:3971682 6:32 am on Aug 14, 2009 (gmt 0)
You can try this in the directory: find ./ -name *.php ¦ xargs grep -w "mail("
This will search for any PHP files containing the mail() function. From there, you can get an idea of which scripts are sending emails out.
If it's a script that allows visitors to send emails out (such as a 'email this' or 'share this'), a captcha may be needed so bots can't abuse it.
yz0rx msg:3971683 6:39 am on Aug 14, 2009 (gmt 0)
Also found "How To Log Emails Sent With PHP's mail() Function To Detect Form Spam". Then you can read the logs. I have not tried this, but looks like a good idea.