Am 27.07.2011 23:22, schrieb Wietse Venema: > > Is this machine running a webserver? Look in the access logs
if this is the reason consider disable smtp on 127.0.0.1 because most of dumb injected scripts are trying this instead the network address! disable php's mail()-function and every function which can excecute shell commands is mandatory (shell_exec, exec, popen.......) a this way secured server will not sending blind any mail attempt and in combination with sasl-auth there is no way for the attacker, and even if a allowed script is vulnerable you would see the username in the logs and know who is responsible
signature.asc
Description: OpenPGP digital signature
