On 6/14/2017 12:52 PM, Homer Wilson Smith wrote: > > How exactly does httpd drop mail into maildrop hundreds > per minutes and I can't find any process at all that indicates this > is going on even while it is going on. > > Homer > > ------------------------------------------------------------------------ > > Homer Wilson Smith Clean Air, Clear Water, Art Matrix - Lightlink > (607) 277-0959 A Green Earth, and Peace, Internet, Ithaca NY > ho...@lightlink.com Is that too much to ask? > http://www.lightlink.com
Usually this is caused by an insecure web form calling the sendmail command. You'll need to go through your httpd logs to find what form is being abused, and either fix that form or remove it. A temporary fix is to disallow whatever user httpd run as from using the sendmail command # main.cf authorized_submit_users = !www, static:all Where www is the user your httpd runs as. http://www.postfix.org/postconf.5.html#authorized_submit_users Of course the other temporary fix is to turn off the httpd service. -- Noel Jones
