How to catch spammer or Scammer in Cpanel server?

1. Open exim.conf
pico /etc/exim.conf

2) Find this;
Ctrl + W: hostlist auth_relay_hosts = *

#########################
Runtime configuration file for Exim #
#########################

3) After hostlist auth_relay_hosts = *

add the following

log_selector = +address_rewrite +all_parents +arguments +connection_reject +delay_delivery +delivery_size +dnslist_defer +incoming_interface +incoming_port +lost_incoming_connection +queue_run +received_sender +received_recipients +retry_defer +sender_on_delivery +size_reject +skip_delivery +smtp_confirmation +smtp_connection +smtp_protocol_error +smtp_syntax_error +subject +tls_cipher +tls_peerdn
4) The final result should look like this

hostlist auth_relay_hosts = *

log_selector = +address_rewrite +all_parents +arguments +connection_reject +delay_delivery +delivery_size +dnslist_defer +incoming_interface +incoming_port +lost_incoming_connection +queue_run +received_sender +received_recipients +retry_defer +sender_on_delivery +size_reject +skip_delivery +smtp_confirmation +smtp_connection +smtp_protocol_error +smtp_syntax_error +subject +tls_cipher +tls_peerdn

#######################################
# Runtime configuration file for Exim #
#######################################

5) Save and restart exim DONE!
ctrl + X then Y
/etc/init.d/exim restart

Now tail your log and watch the show!
tail -f /var/log/exim_mainlog