Hi, I am having issues, were in some customers account has been hacked, and malicious php scripts are added to sent out mails using socket creation method [ it is similar to sending out mails like telnet localhost 25 ]
The respective logs: 2014-02-05 09:43:50 1WAz1K-001Zgy-HT H=localhost [127.0.0.1]:50015 Warning: "SpamAssassin as cpaneleximscanner detected OUTGOING smtp message as NOT spam (-1.0)" 2014-02-05 09:43:50 1WAz1K-001Zgy-HT <= [email protected] H=localhost [127.0.0.1]:50015 P=smtp S=825 [email protected]="=?utf-8?B?0JrQsNC6INC30LAg0LzQtdGB0Y/RhiDQt9Cw0YDQsNCx0L7RgtCw0YLRjCA4Nzk1JD8=?=" for [email protected] This is creating spamming issues, and blacklist of servers. If I disable port 25 connections to localhost, the mail functionality would be affceted [as cron mails are sent via localhost]. Is there any way I can handle this situation. Please assist. -- Regards, Soumya -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
