On lør 25 dec 2010 19:55:10 CET, ASAI wrote
What is a problem is that there is no user named apa...@triata... and this user is sending hundreds of emails out to Gmail. So it looks like there's been a compromise. My question is, how do I begin to plug this hole?
remove apache unix user from alias, and make sure any webapp use fqdn sender reject non fqdn sender before accept anything rule before permit mynetworks -- xpoint
