[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[no subject]
- <!--x-content-type: text/plain -->
- <!--x-date: Thu Mar 31 23:48:45 2005 -->
- <!--x-from-r13: elna ng wvzzlrgure.pbz (Dlna Ivyyvnzf) -->
- <!--x-message-id: [email protected] -->
- <!--x-reference: [email protected] --> "http://www.w3.org/TR/html4/loose.dtd">
- <!--x-subject: [ale] tracking down a spammer on our box -->
- <li><em>date</em>: Thu Mar 31 23:48:45 2005</li>
- <li><em>from</em>: ryan at jimmyether.com (Ryan Williams)</li>
- <li><em>in-reply-to</em>: <<a href="msg00574.html">[email protected]</a>></li>
- <li><em>references</em>: <<a href="msg00574.html">[email protected]</a>></li>
- <li><em>subject</em>: [ale] tracking down a spammer on our box</li>
qmailr 19774 0.0 0.0 3436 972 ? S 14:44 0:00 qmail-remote
remotedomain.com anonymous at server1.ourserver.com randomuser at remotedomain.com
and our maillogs show messages being delivered which are certainly spam:
Mar 31 15:07:02 server1 qmail: 1112299622.785136 starting delivery
193807: msg 9536773 to remote randomuser at remotedomain.com
Since the messages are being sent by "anonymous", we are pretty sure
this is a vulnerable PHP script somewhere on the server that is being
used, but we are having the hardest time tracking down which one(s) is
the culprit. Is there any way to track down which domain or script was
used to send these messages?
Thanks!
Ryan
</pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<ul><li><strong>Follow-Ups</strong>:
<ul>
<li><strong><a name="00601" href="msg00601.html">[ale] tracking down a spammer on our box</a></strong>
<ul><li><em>From:</em> jkinney at localnetsolutions.com (James P. Kinney III)</li></ul></li>
</ul></li></ul>
<!--X-Follow-Ups-End-->
<!--X-References-->
<ul><li><strong>References</strong>:
<ul>
<li><strong><a name="00574" href="msg00574.html">[ale] Q: Enabling VNC into Fedora-C3</a></strong>
<ul><li><em>From:</em> Mills.J at ems-t.com (Mills, John M.)</li></ul></li>
</ul></li></ul>
<!--X-References-End-->
<!--X-BotPNI-->
<ul>
<li>Prev by Date:
<strong><a href="msg00599.html">[ale] [OT] VoIP recommendations</a></strong>
</li>
<li>Next by Date:
<strong><a href="msg00601.html">[ale] tracking down a spammer on our box</a></strong>
</li>
<li>Previous by thread:
<strong><a href="msg00594.html">[ale] Q: Enabling VNC into Fedora-C3</a></strong>
</li>
<li>Next by thread:
<strong><a href="msg00601.html">[ale] tracking down a spammer on our box</a></strong>
</li>
<li>Index(es):
<ul>
<li><a href="maillist.html#00600"><strong>Date</strong></a></li>
<li><a href="threads.html#00600"><strong>Thread</strong></a></li>
</ul>
</li>
</ul>
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
</body>
</html>