We have a Debian 7 server on which Virtualmin-Webmin is installed for serving virtual servers.
Spam emails are being sent continuously and we cannot find out how.
There is NO email set on the server at all. The base sendmail was deleted.
For each virtual server there is a separate mail log which works well: the system logs the emails sent by the web pages.
But in the log there is no trace of the spam mails.
The whole server was checked with ClamAV and all the files in its report were deleted. However even after this the spam emails didn't stop.
On the server there are custom webpages (created by us), Joomla 1.5-3.5 and updated Wordpress systems,
A tárhelyeken egyedi forrású weboldalak, Joomla 1.5-3.5 rendszerek és folyamatosan frissített wordpress rendszerek vannak.
For our emails we use an external SMTP server which is user and password protected and stores all outgoing emails.
We couldn't find the spam emails here either.
How can we track back that from which virtual server sends the spam emails and how the emails are sent?
Thank you very much!