how to stop internal spam and virus attacks

Hello all,

We were using an alternative panel for our hosting and projects.
One of the biggest problem was viruses which opens holes in the customer accounts and sent dozens of emails.

Is there a way to stop or prevent this type of attacks.

Csf is only reporting locay relay actions after they occured.

There are several exim and antispam configurations in our old panel.

What is the way for virtualmin or webmin?


Any suggestions?

Vmin/Wmin comes with ClamAV and is decent solution but not great. I tested several times ClamAV and while it detects majority of the viruses still in some cases its not reacting (for whatever reason) and the infected file was sitting untouched as email attachment.

If you want something really good you should go with external service, limited to just scan your emails or as complete email solution. In second case i can suggest Zohomail what is similar to GoogleApps but much cheaper.

For sending spam almost always the problem is with old scripts like outdated Wordpress (or any other CMS) and their addons, poor coding of addons or using nulled themes and addons. Rarely happens that server who is sending spam was compromised by user account.

If you are in charge to keep safe and updated your clients websites then its up to you to find a solution otherwise is duty of your clients to take responsibility for their action or lack of them.

What is best solution? Thats left for you to decide, either way there is no magic script what will do all work for you and keep your server safe. Checking logs and see how hackers try to find new way to get your server compromised is daily job and someone should dedicate his/her time to prevent such thing to happen.

P.S. based on my personal experience i find fail2ban much better than CSF, but thats me.