Slightly OT: Postcard Virus/SPAM
philip at zeiglers.net
Tue Oct 13 22:35:09 IST 2009
I just noticed that one of my mail servers has been compromised somehow and
has begun sending out spam/virus as if it was coming from postcard.org. The
emails seem to be originating from my web server with the
apache at mydomain.com address.
I have stopped the sendmail out process so that these don't get sent. This
also prevents more of these emails from being generated. If I flush the
mail queue and restart the outbound sendmail process then more of these
emails get generated. Until I get this cleaned up, I'm leaving it off.
My problem is that I can't figure out how they are actually getting
generated so that I can put a stop to it. There is no trace in my
access_log files of anyone posting through a form, etc.
Has anyone else dealt with this and know how to clean up this mess.
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the MailScanner