I have a platform consisting of many web servers doing shared web hosting. These servers run Linux and host tonnes of Wordpress, osCommerce, Joomla and other open source website platforms.
Every now and then (read: several times every day) one of these sites get owned, malicious code is injected and the spamming begins.
I have already taken various measures to prevent this, but it seems like these attacks are escalating more and more.
Therefore, my question is to other sysadmins caring for large scale shared hosting platforms: How do you filter (and report?) outgoing e-mail from your web servers? The e-mail that is sent when users in e.g. PHP uses the mail() function or the localhost SMTP server.