]>;
Sent: Friday, September 24, 2004 1:41 PM
Subject: Re: Spammers using my server
> As a another good step, just SA scan ALL incoming and outgoing mail.
>
> Run a vulnerability scan against your server, nessus or sara against your
> machine to find what is being exploited.
>
postfix servers can forward out through our SMTP proxies.
Gary
-Original Message-
From: jdow [mailto:[EMAIL PROTECTED]
Sent: Friday, September 24, 2004 9:21 AM
To: users@spamassassin.apache.org
Subject: Re: Spammers using my server
Some system on your internal network is "owned&
As a another good step, just SA scan ALL incoming and outgoing mail.
Run a vulnerability scan against your server, nessus or sara against your
machine to find what is being exploited.
--
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State Univer
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jay Ehrhart writes:
> The non-deliverable reports are coming from my Linux apache user.
> Non-deliverables usually come from root. I am running apache on the server
> with forms. The forms software is the latest version and patches.
>
> Can anybody
Some system on your internal network is "owned" by a hacker network. It
is time to clean all your windows machines COMPLETELY of viruses.
{^_^}
- Original Message -
From: "Jay Ehrhart" <[EMAIL PROTECTED]>
> This morning I had over 7000 emails in my Linux server's outbound queue
> which
At 10:39 AM 9/24/2004, Jay Ehrhart wrote:
This morning I had over 7000 emails in my Linux server's outbound queue
which I deleted. My firewall log shows over 20,000 emails went out with a
SunTrust bank announce saying to login and enter your username and password.
I do not see the emails coming in
* Jay Ehrhart <[EMAIL PROTECTED]>:
> This morning I had over 7000 emails in my Linux server's outbound queue
> which I deleted. My firewall log shows over 20,000 emails went out with a
> SunTrust bank announce saying to login and enter your username and password.
> I do not see the emails coming
This question isn't really appropriate to a SpamAssassin forum.
For what it's worth, it sounds like someone exploited an Apache vuln on
your system and installed a mail generator. Given the severity of this
(ie you are sending out thousands of email phishing frauds) you should
probably take th
This morning I had over 7000 emails in my Linux server's outbound queue
which I deleted. My firewall log shows over 20,000 emails went out with a
SunTrust bank announce saying to login and enter your username and password.
I do not see the emails coming in like I would in a relay. How can I stop
