Am 28.07.2011 15:49, schrieb Michael Orlitzky: > On 07/27/11 17:41, Reindl Harald wrote: >> >> >> Am 27.07.2011 23:22, schrieb Wietse Venema: >>> >>> Is this machine running a webserver? Look in the access logs >> >> if this is the reason consider disable smtp on 127.0.0.1 >> because most of dumb injected scripts are trying this instead >> the network address! >> >> disable php's mail()-function and every function >> which can excecute shell commands is mandatory >> (shell_exec, exec, popen.......) > > You can't really disable mail() on a web host, but PHP recently made it > not-impossible to monitor its use:
i can and i do on a bundle of hosts for > 500 domains since nearly ten years - if you can't speak not for me!
signature.asc
Description: OpenPGP digital signature
