I had never thought I need to worry about spam much but since I am doing more hosting and taking on more clientele it was bound to happen sometime. If you read above you will see the frantic time I had searching for who may be spamming on my server. I never did find anyone and ended up being pretty sure that the spams in question were spoofs. But I did manage to come across some good scripts and spam tracking methods in the process.
The first thing I found was this very handy and easy to implement method at webhostgear
This was pretty handy because it can show you where the mail requests are coming from. Another way to prevent installing phpsuexec is fine by me.
I had remembered that the configserver firewall I tried once had spam tracking features among a few other handy things, the one being most useful to me is you can sett the connection flood ban to permanent unlike dos deflate, this can be very useful because I don’t know how many times I have got the emails of dos deflate banning an ip and that very same ip getting banned again. So that is a plus, the reason I never went with it before is because unlike dos deflate it does not have the ignore ip feature, like when it first bans an ip the connections are still showing in netstat, the configserver connection tracking cron will keep sending alerts and trying to ban the ip each time the cron runs so you can fill your inbox up pretty quick. But overall the pros outweigh the few cons. I had always been a die hard apf/bfd/dos deflate user but now it is all in 1 with this configserver firewall I like it, So I am running it now and will be installing on some more boxes later.
Considering hiring configserver services to help me investigate this spam problem I got to looking on their site and they had more leet tools and handy tutorials, Here all is what I found and installed on my servers today and already got much use of them. their main url is http://www.configserver.com/ they have lots of free and useful things to offer.
The ConfigServer Mail Queues can be an essential tool for:
* Determining why inbound or outbound email delivery is failing
* Deleting bounce emails
* Deleting frozen (undeliverable) emails
* Forcing queue runs (especially useful for Smart Router emails to Exchange servers that are intermittently online)
* Integrates with MailScanner, if installed, to offer views/deletion of email in both the Pending and Delivery queues
* Searching for and viewing/deleting emails to/from specific domains and addresses
* Viewing the email history from the exim mail logs for specific emails
* Retry delivery for specific emails
Note: very leet and handy tool, a must for cpanel 
This is an exclusive! and free! add-on product for cPanel/WHM. The product provides you with an interface to the cPanel user accounts email configuration without having to login to their accounts. It is domain based rather than account based and allows you to do all the following from within WHM:
* View, edit and delete email accounts
* View, edit and delete email forwarders
* View, edit and delete email filters
* View and modify email account quotas
* Modify email account passwords
So if you have a cpanel server and you don’t know about these great addons for cpanel I advise you go check it out
Related Articles
1 user responded in this post
test