cloudlets.com.au logo
cloudlets
1300 839 448
  • Home
  • Get Started
  • Pricing
  • Environments
    • Wordpress
    • Magento
    • PHP
    • Node.JS
    • JAVA
    • Ruby
    • Python
    • Go
    • Knowledgebase
      LFD suspicious file alert
      Posted by Will Kruss on 29 August 2024 09:22 AM

      An update in August 2024 for cPanel caused LFD to produce hourly alerts with regards to spamassassin tmp files. The alerts look like this:

      Time:   Thu Aug 29 08:54:52 2024 +1000

      File:   /tmp/.spamassassin1718865sGWF5rtmp

      Reason: Suspicious directory

      Owner:  nobody:nobody (99:99)

      Action: No action taken

      The current solution is to whitelist any spamassassin tmp files in the /tmp folder from being checked by CSF/LFD.

      To do this open WHM -> Terminal or login to SSH and type:

      echo "/tmp\/.spamassassin*" >> /etc/csf/csf.fignore; csf -ra

      This will whitelist /tmp/.spamassassin******* files and reload csf.

      (10 vote(s))
      Helpful
      Not helpful

Help Desk Software by Kayako