hi i have a few websites along with qmailtoaster
i noted that one of the websites with wordpress was hacked and using a php script the spammer was injecting emails into the qmail queue ie there is nothing in the smtp logs, but the send logs contained 1000s of remote delivery entries. i use squirrelmail but with smtp authentication only, ie email sent to external domains from my server has to smtp authenticate first. my tcp.smtp is as follows 127.0.0.1:allow :allow,BADMIMETYPE="",QMAILQUEUE="/var/qmail/bin/simscan",BADLOADERTYPE="M",CHKUSER_START="ALWAYS", CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1", DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private" how could the spammer directly inject email to the qmail queue ? what am i missing here ? thanks rajesh
--------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
