stop emails originating from apache / php

Question

I am running Ubuntu with Webmin / VirtualMin

And I started getting this issue with thousands of emails coming from www-data which is Apache.. somehow from a virtual site.

How can I disable this feature. I want site users to use SMTP that is created and avoid using the sendmail or any other tricks that a injected shell or script could give a malicious user access too?

I use postfix but stopped it for now. The queue still build up with postfix disabled.

Answer 1

Use Apaches mod_status

enable it if it is disabled and temporarily remove disallow all prepending # in front of it. Restart Apache.

go to any site and append www.myvirtualsitedomain.com/site-status

now monitor connections and find the culprate

Thanks to help from Ask Ubuntu