Hi, I used DO tutorials to setup exim for my wordpress websites for outgoing mail sending only. However, I’ve faced the problem with huge outgoing spam. CanI fix this issue with spam assassin solution. If yes, would you please guide me through it. I have Ubuntu installed.
Submit an answer
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
@Arkady: Have you run apt-get upgrade recently?
Thank you, I’ve followed the tut. Here’s what I got: <br>Warning: The command ‘/usr/sbin/adduser’ has been replaced by a script: /usr/sbin/adduser: a /usr/bin/perl script, ASCII text executable <br>Warning: The command ‘/usr/bin/ldd’ has been replaced by a script: /usr/bin/ldd: Bourne-Again shell script, ASCII text executable <br>Warning: The command ‘/usr/bin/lwp-request’ has been replaced by a script: /usr/bin/lwp-request: a /usr/bin/perl -w script, ASCII text executable <br>Warning: The command ‘/bin/which’ has been replaced by a script: /bin/which: POSIX shell script, ASCII text executable <br>Warning: The following processes are using deleted files: <br> Process: /usr/sbin/mysqld PID: 682 File: /tmp/ibah5HJE <br>Warning: Suspicious file types found in /dev: <br> /dev/.udev/rules.d/root.rules: ASCII text <br>Warning: Hidden directory found: /dev/.udev <br>Warning: Hidden file found: /dev/.initramfs: symbolic link to `/run/initramfs’ <br> <br> <br>Looks like nothing is extremely wrong. Am I right?
Hi, <br> <br>When you say that you are having a problem with outgoing spam, do you mean that you believe your server has been compromised? Spamassassin will only help catching spam that is sent to your mail server. If the spam is originating from your server, then you might have a bigger problem. <br> <br>You might want to install something like rkhunter to check for compromised files: <br> <br>https://www.digitalocean.com/community/articles/how-to-use-rkhunter-to-guard-against-rootkits-on-an-ubuntu-vps <br> <br>You should also look at /var/log/auth.log for ssh logins from unknown IP addresses.