HI My server IP is been blacklisted in some of the RBL, I need the help to stop the spammer from using my server to send the mails, As per the investigation the user as used the cgi scripts and php mailer to send the mails How can i block and avoid the same problem again
Do you use the servers for hosting others domain? if so, you can check which domain is sending the spam and under which users permission the mail sending script is running. If you are thinking about spending some bucks, we can investigate this for you.
Using exim? http://www.surmunity.com/private-hosting/9813-increase-exim-logging-catch-spammers.html i hope this helps
If you know for sure that it is the cgi or PHP script causing the issue first thing is first shut them down. Next do some research and see if the script is out of date of if there are any known issues. Do you host sites for other people? If so this is unfortunately a major downside of shared hosts. You have little control of what users upload. Sometimes you can take preventative measures but scripts will always pass through the net and it is a case of having to pick up the pieces once a problem is found.
Most of outdated PHP/CGI mailer scripts have flaws. I would suggest you to upgrade them. Regards Thibaut