Our intrusion detection software started picking up thousands of access attempts to /etc/shadow (the UNIX user password store) shortly after installing SpamAssassin on our mail gateway.
Could one of the developers comment on why SA might be doing this and/or if this is even an intent? (Running SA 3.1.0)
Thanks!
- /etc/shadow access from SA leonard . gray
- Re: /etc/shadow access from SA Justin Mason
- RE: /etc/shadow access from SA Dallas L. Engelken
- RE: /etc/shadow access from SA Peter P. Benac
- Re: /etc/shadow access from SA Theo Van Dinter
- RE: /etc/shadow access from SA Dallas L. Engelken
- RE: /etc/shadow access from SA Dallas L. Engelken
