some time ago I reinstalled my mail server and before I did that I took a copy of /var/qmail for backup.
Then yesterday I was searching for something and wondered what was in a file called A19013.1053705155 in the "webmaster" account folder (it's a mail robot). I guessed that it is the file holding the address to where the robot should forward any resived mails, but to my surprise the address inside was "[EMAIL PROTECTED]" ?!?!?! I checked the same file in my current /var/qmail and the address in there was the right one, so right now everything is as it should be but how did [EMAIL PROTECTED] get in that file? "ls" -l of the backup -rw------- 1 vpopmail vchkpw 21 May 23 2003 A19013.1053705155 -rw------- 1 vpopmail vchkpw 154 Apr 8 2003 message "ls" -l of the current -rw------- 1 vpopmail vchkpw 23 Mar 8 23:33 A20362.1078785226 -rw------- 1 vpopmail vchkpw 154 Apr 8 2003 message Note that in the current the A20362.1078785226 file was modified Mar 8 this year, and I didn't do that ? in "lastlog" I can see that it only is me and root (also me)that have logged into this server, on one else have ever logged in. Is there a security problem in qmailadmin? Does qmail admin have a log (that I can't find) so I can see when changes ware done by who? Any suggestions to how I can trace how this was done? The biggest question is why would anybody redirect mails to my webmaster account to Microsoft? brgds Ulrik
