Hi,

Please read completely before understanding the bug. This is not the first time we have encountered a website running WordPress on our ISPConfig server.

Problem: The hosted domain is able to fork/create processes, which in turn create/fork SMTP processes on the server, and the hosted domain is able to listen and then starts sending emails for the hackers' pleasure. This is causing a big blunder on our side, causing the server to be blacklisted on most of the RBLs, and our legitimate customers are panicking due to this, even though the PERL extension is disabled completely in the allowed executable paths.

Strange again: we have postfix already running on port 25 on the server. When I do an "lsof -i:25", I see that the default postfix and the forked processes are listening on the same port.

Below is the lsof -i:25 output; see what the 3rd column is saying: genuine SMTP processes are running with root, while the forked process is running with the user of the hosted domain.

I have all details in the attached file, as the maximum size of the message here is 1000; please read the file completely.

BUG: Even though Perl is not in the allowed components list, the website can still run the Perl executables very successfully.
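
The `lsof -i:25` check from the post above, turned into a repeatable filter (an added example, not part of the original post or of ISPConfig). `lsof -i:25` lists every socket with port 25 at either end, so the filter reads the owning user from column 3 and labels each socket as listening, inbound or outbound. The allowed users `root` and `postfix`, the site user `web12` and all sample rows are constructed assumptions.

```shell
#!/bin/sh
# Added example: flag port-25 sockets owned by accounts outside the mail system.
# Assumption: only these accounts should own SMTP sockets on this host.
ALLOWED_USERS="root postfix"

# Reads `lsof -nP -i:25` output on stdin and prints one line per socket
# whose owner (column 3) is not in ALLOWED_USERS.
flag_smtp_sockets() {
    awk -v allowed="$ALLOWED_USERS" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        NR == 1 && $1 == "COMMAND" { next }    # skip the header row
        ($3 in ok) { next }                     # owned by the mail system
        {
            name = $9                           # NAME column: *:25 or local->remote
            parts = split(name, ends, "->")
            if ($NF == "(LISTEN)")
                kind = "listening"
            else if (parts == 2 && ends[2] ~ /:(25|smtp)$/)
                kind = "outbound"               # site user talking to a remote MTA
            else
                kind = "inbound"
            printf "%s pid=%s cmd=%s %s %s\n", $3, $2, $1, kind, name
        }
    '
}

# Constructed sample output (documentation addresses, made-up PIDs and users).
sample_lsof() {
    cat <<'EOF'
COMMAND  PID    USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
master  1201    root   13u  IPv4  18234      0t0  TCP *:25 (LISTEN)
smtpd   4410 postfix    6u  IPv4  18234      0t0  TCP *:25 (LISTEN)
perl    9876   web12    3u  IPv4  77120      0t0  TCP 192.0.2.10:45678->198.51.100.7:25 (ESTABLISHED)
perl    9877   web12    3u  IPv4  77121      0t0  TCP 192.0.2.10:45680->203.0.113.9:25 (SYN_SENT)
EOF
}

# Demo on the sample; on a live host use: lsof -nP -i:25 | flag_smtp_sockets
sample_lsof | flag_smtp_sockets
```

Any line this prints names the site account and PID to investigate; outbound lines from a web user mean the site is delivering mail directly to remote servers instead of going through Postfix.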