Article ID: 118935, created on Nov 29, 2013, last review on May 6, 2014

  • Applies to:
  • Operations Automation 5.4


There is a lot of spam mail outgoing from the mail server. Is it possible to determine the domain from which they are being sent?


The mail logs should contain lines similar to:

Aug 16 11:23:33 linweb02 sender=y100124[22430]: r7G3M2Md022430: to=<EMAIL>, ctladdr=apache (48/48), delay=00:01:31, xdelay=00:00:00, mailer=relay, pri=34431, relay=[] [], dsn=4.0.0, stat=Deferred: Connection refused by []

The sender ID(100124) in the mail log match is the webspace ID that could be found in Provider Panel > Shared Hosting Manager > Webspaces.

Search Words

spam through web server

ac82ce33439a9c1feec4ff4f2f638899 caea8340e2d186a540518d08602aa065 5356b422f65bdad1c3e9edca5d74a1ae 2554725ed606193dd9bbce21365bed4e e12cea1d47a3125d335d68e6d4e15e07

Email subscription for changes to this article
Save as PDF