I just wanted to follow up on my original post. With the help of Mitel, I determined that the rouge spammers had exploited formmail.cgi on my primary server. From October 9 - October 15, the spammers sent in excess of 150,000 spam messages through formmail.pl. Thank you Charlie and Rich for all of the help in getting my system back to normal!!! My primary server is running SME 5.5 with minimal customization. I was using the formmail.cgi version 1.91 script on my primary website. Seems the spammers have figured out how to exploit the enhanced security features found in this newer version of formmail.cgi. Simply removing this script from my cgi-bin, clearing my mail queue, and rebooting my server solved the problem. Regards, -- Greg J. Zartman, P.E. Vice-President Logging Engineering International, Inc. 1243 West 7th Avenue Eugene, Oregon 97402 541-683-8383 fax 541-683-8144 -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Searchable archive at http://www.mail-archive.com/devinfo%40lists.e-smith.org
