CWP is automatically saving to the log when PHP is sending mail using mail() function.
This allows you to easily track a spammer by checking the log file.

Minimum supported PHP version is: PHP 5.3

Log File:


CWP will add a header to mail source for all outgoing emails sent by PHP scripts.
Here is an example of the mail source:

X-PHP-Originating-Script: 505:file.php

** The number 505 is the user UID from /etc/passwd, the file.php is the script sending the mail.

You can find a more detailed logs on the server.
An example of log in the: /usr/local/apache/logs/phpmail.log

mail() on [/home/USERNAME/public_html/wp-content/file.php:83]: To: -- Headers: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed; delsp=yes Content-Transfer-Encoding: 8Bit X-Mailer: Drupal Sender: From:
Don't forget to install mod security with automatic update of rules within you CWP to prevent any further hacking of your sites.