Find and fix spam abuse on your server
If you suspect hackers have abused your server to send email without your knowledge, we have tools to help you clean up the server and help prevent the same issue from happening again.
The tools you can use depend on your operating system, control panel, and MTA (Mail Transfer Agent). If we don't have tools for your server's configuration, we recommend looking for other resources.
Note: For all servers, we recommend ensuring your relays are closed.
Linux and cPanel
cPanel has the following information to help you find problems on your server:
- Sent Mail Statistics reports provide a general overview of the users and domains that have sent messages over a specific time period and is helpful for isolating potentially compromised sites that are sending messages.
- Relayers reports show which accounts have been sending the most messages, which can show you which email account is responsible for spamming.
- Mail Statistics Summary shows a summary of all mail statistics, which can give you an idea where the spam on your server's originating.
For those using Exim, see Find SPAM senders using Exim with SSH.
Linux and Plesk (Qmail and Postfix)
Depending on which MTA you use, see this Plesk documentation for finding the domains running spam scripts on your server:
Windows and Plesk (MailEnable)
MailEnable has the following documentation: How to clear the queues if a spammer abuses the server.