Is someone spamming through me?
Steve Campbell
campbell at cnpapers.com
Wed Apr 26 15:25:12 IST 2006
----- Original Message -----
From: "Jody Cleveland" <Cleveland at winnefox.org>
To: "MailScanner discussion" <mailscanner at lists.mailscanner.info>
Sent: Wednesday, April 26, 2006 10:01 AM
Subject: RE: Is someone spamming through me?
>> Have a look at the headers for where the actual email
>> initially came from - if you've got MailWatch then it's easy, if not
> you'll have a
>> trap a spool file and look at that.
>
> It looks like it's coming from apache.
>
>> As someone else said could be an exploitable php or
>> application hole, I've had this with awstats.pl before and php code.
>
> Is there anything I can test for to try to determine which application
> or php is the offender?
>
You aren't using one of the versions of formmail.php are you? This had a
bunch of holes in it at one time, and as I recall, the cgi version was
recommended as a replacement (or vice-versa).
If you are, there is supposed to be a PHP script that is better, although I
haven't used it yet at
http://www.leveltendesign.com/L10Apps/Fm/index.php
Steve Campbell
campbell at cnpapers.com
Charleston Newspapers
> - jody
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
More information about the MailScanner
mailing list