# Avoid sending spam using php mail function

## ddaas

Hello,

I have a dedicated hosting server with over 500 accounts.

I've found out that my server was listed on some RBL because someone, somehow has sent a lot of spams.

After searching I've found some php scripts which probably were loaded many times. They were sending spams using the php mail function.

My question is: how can I find the scripts that are sending spams (there are thousand of pages)? I see in exim logs the emails but i don't know how can I identify the php pages(in logs the email are sent from nobody@domain to different mail address).

----------

## ddaas

There is somewhere a script that sends spams (to the same address, I think is something hard-coded).

```

2009-01-12 07:29:47 1LLm7F-000868-3U => ***a@yahoo.com R=lookuphost T=remote_smtp H=e.mx.mail.yahoo.com [216.39.53.1]

2009-01-12 07:29:47 1LLm7F-000868-3U Completed

2009-01-12 07:29:48 1LLn6F-0000a1-8v => *****a@yahoo.com R=lookuphost T=remote_smtp H=b.mx.mail.yahoo.com [66.196.97.250]

2009-01-12 07:29:48 1LLn6F-0000a1-8v Completed
```

How can I find who/what is sending that?

Thanks.

----------

## ToeiRei

you could use grep to find specific strings in the php files to narrow your search...

----------

