Hello, Since installing a new slackware server with apache and sendmail out-of-the-box, I have noticed my server is sending (moderate amounts of) spam worldwide. I suspect some webform or cgi-script. In the apache log, I see lots of these entries:
"POST http://87.118.100.88/proxy5/check.php HTTP/1.1" 404 297 "POST http://82.228.61.77:49627/Chcks/Data_I.php HTTP/1.1" 404 297 Have no idea what these scripts do (they certainly aren't mine!) but probably they use my localmailer to send spam. I believed external script was supposed to be forbidden (as the 404 may indicate), but maybe there's a bug when calling them from a POST? Any (other) suggestions?
