I got a report that my CentOS 5.4 is used for sending spam.
From sendmail maillog I can see that apache has been sending a lot of
email to suspicious addresses.
Probably one of the many Apache virtual hosts I have is used for
sending spam. But how to find out which one?
Regards,
Peter
Peter Peltonen wrote:
I got a report that my CentOS 5.4 is used for sending spam.
From sendmail maillog I can see that apache has been sending a lot of
email to suspicious addresses.
Probably one of the many Apache virtual hosts I have is used for
sending spam. But how to find out which
On Tue, Oct 27, 2009 at 10:05 AM, John R Pierce pie...@hogranch.com wrote:
Peter Peltonen wrote:
I got a report that my CentOS 5.4 is used for sending spam.
From sendmail maillog I can see that apache has been sending a lot of
email to suspicious addresses.
Probably one of the many Apache
On Tue, Oct 27, 2009 at 6:50 AM, Peter Peltonen
peter.pelto...@gmail.com wrote:
I got a report that my CentOS 5.4 is used for sending spam.
From sendmail maillog I can see that apache has been sending a lot of
email to suspicious addresses.
Probably one of the many Apache virtual hosts I
Peter Peltonen wrote:
On Tue, Oct 27, 2009 at 10:05 AM, John R Pierce pie...@hogranch.com wrote:
Peter Peltonen wrote:
I got a report that my CentOS 5.4 is used for sending spam.
From sendmail maillog I can see that apache has been sending a lot of
email to suspicious addresses.
Probably
They just say that Apache is sending them, so I cannot pinpoint the
virtual host.
Perhaps time to get rid of one common log file and set up per-host
logs in apache
--
“Don't eat anything you've ever seen advertised on TV”
- Michael Pollan, author of In Defense of Food
Lucian @ lastdot.org wrote:
What you need is this:
http://choon.net/php-mail-header.php
But this requires recompiling PHP..
you're assuming this is being done via PHP, it could as easily be coming
from a bad perl CGI or another similar exploitable web service.
7 matches
Mail list logo
