Hi.

Today my server had a great problem with congestion of sending of emails provoked by attack Spam. I received the following information from aid of the CPANEL:

"Your /tmp directory was hacked into which I believe was part of the problem. You will need to get your admin to check what PHP script was exploited to get access to the /tmp directory. I believe once you find this out it will resolve your mail issues, as I think someone is trying to SPAM. The user I mentioned earlier does not appear to be the culprit."


Somebody could help me with this problem? What I must look for?

Thanks

You should mount your /tmp as noexec

How do I make that?

Thank you

/scripts/securetmp

Would that cause some problem for the server or for the cPanel?

Thank you

/scripts/securetmp is both good and bad. It can do the job for you, but if you're not familliar with linux then do NOT use it, because it CAN cause problems!!!

That said:
Mail (generally) has nothing to do with being hacked. In fact, whoever told you this must have had a bowl of ihavenoclue for breakfast. I'm not saying that it's not possible, but really unlikely that this is the cause here.

Solution:
Do what was suggested in the email. Find a sysadmin, have him look at the problem, assess things and see whether or not you've really been hacked, and what the real damage is to your server. DO NOT wait on this matter, as every bit of time that you wait will give your hacker (if you've been hacked) that much more time to go through your server and have his way, and it'll be that much more expensive to recover from.

I used to ahve the same problem... find a very good admin..... Or your box can be un-plugged like me :(

Thanks guys.