[exim] how to block an email sent using a script in EXIM

Top Page
Delete this message
Reply to this message
Author: DL
Date:  
To: exim-users
Subject: [exim] how to block an email sent using a script in EXIM
Hello

I have a CentOS cPanel server and I host about 30 customers in this server.
Sometimes one of these accounts using a CMS get hacked, and the hacker is able to send out spam email using a CMS php vulnerability.
When it happens I see hundred of rows like this below in EXIM log:

2019-07-29 06:40:30 cwd=/home/nordic/public_html 4 args: /usr/sbin/sendmail -t -i -p125

My question is, may I configure temporarily exim.conf to block any email sent from:

/home/nordic/public_html

If yes, how to do that please?


Thank you
Graziano