Slightly OT: Postcard Virus/SPAM
Philip Zeigler
philip at zeiglers.net
Tue Oct 13 22:35:09 IST 2009
I just noticed that one of my mail servers has been compromised somehow and
has begun sending out spam/virus as if it was coming from postcard.org. The
emails seem to be originating from my web server with the
apache at mydomain.com address.
I have stopped the sendmail out process so that these don't get sent. This
also prevents more of these emails from being generated. If I flush the
mail queue and restart the outbound sendmail process then more of these
emails get generated. Until I get this cleaned up, I'm leaving it off.
My problem is that I can't figure out how they are actually getting
generated so that I can put a stop to it. There is no trace in my
access_log files of anyone posting through a form, etc.
Has anyone else dealt with this and know how to clean up this mess.
Philip
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20091013/1401118d/attachment.html
More information about the MailScanner
mailing list