Slightly OT: Postcard Virus/SPAM --RESOLVED
Philip Zeigler
philip at zeiglers.net
Wed Oct 14 00:56:37 IST 2009
I have solved the problem. As I mentioned before, there is no way a user can log in with shell access and everything was being sent as the user apache so it had to be web related.
It turns out the server had package installed called horde which is apparently a framework for creating web applications. Also appears the the default configuration is very unsecure and allowed a hacker to create an application to send out these postcard spam/virus. Removing horde and a reboot fixed the issue.
Philip
-----Original Message-----
From: "Philip Zeigler" <philip at zeiglers.net>
Date: Tue, 13 Oct 2009 17:35:09
To: <mailscanner at lists.mailscanner.info>
Subject: Slightly OT: Postcard Virus/SPAM
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list