Originally Posted by kbscores
(..) is there a way I can block exim from sending mail to that address? (..)
- Stop your MTA until you figured out what to do.
- Those preg_replace statements were just a symptom
. Running bad homebrewn scripts, outdated software, risky 3rd party plugins, leeched FTP credentials, other malicious activity in a shared host etc, etc may be a few of the causes
. Encountering them pregs twice could point to negligence. So don't wait for your "professional", be pro-active, act responsibly and FIX THE PROBLEM
- See if you can enable the mail header function in php.ini (PHP >= 5.3: mail.add_x_header = on, mail.log = /tmp/php_headers.log) so you can trace back the script with the "X-PHP-Originating-Script" header.
- Configure an email limit for all accounts.
- Have Mailscanner
+ SpamAssassin scan all outbound email (also see EximConfig