--On Tuesday, July 15, 2003 8:17 PM -0600 John Brown <[EMAIL PROTECTED]> wrote:
Nope, I thought it might be operational in nature. ergo spammers and others now scanning for qmail-smtp-auth patch users and using those weak sites as a relay.
I think this *is* operational in nature. FYI, we have found this hack actively being used on seemingly secure qmail, exchange, IMail, postfix servers run by admins with clue. And we have a pattern of the same content and an apparent small set of source IPs. (I'm working on that angle now)
Check your mail logs campers.
-- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -= Margie Arbon Mail Abuse Prevention System, LLC [EMAIL PROTECTED] http://mail-abuse.org