Web Hosting Talk







formmail spam


stephenn
09-27-2002, 12:21 PM
Hi,

I have installed cPanel and people are using formmail scripts; in the last 5 days it sent out 65000 mails.

How could I prevent this?

thanks

ninji
09-27-2002, 01:07 PM
Must turn open relay off on your mail server.

stephenn
09-27-2002, 01:47 PM
Hi,

How would it prevent this? Is it going to block all outgoing mail?

Any help is appreciated.

Thanks

magnafix
09-27-2002, 02:01 PM
formmail spamming is not related to being an open relay.

More info here:

http://www.modwest.com/help/kb.phtml?cat=10&qid=83

stephenn
09-27-2002, 02:30 PM
I couldn't find useful info there.


How could I track it, who sent those mails?


Thanks

magnafix
09-27-2002, 02:34 PM
Look at the access log for the domain with formmail installed. Look for lots of GET or POST requests to formmail from the same IP in a row. This is very likely not one of your customers spamming, but rather an anonymous idiot on the net who has discovered the vulnerable version on your server and is using your bandwidth and server resources to send out spam.
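
The access-log check described in the post above, as an added example that is not part of the original thread: it counts GET/POST requests to a formmail script per client IP and reports runs of consecutive formmail hits from one IP. The log lines, the script path, the `min_run` threshold and the function names are assumptions made for illustration.

```python
import re
from collections import Counter
from itertools import groupby

# Constructed sample in Apache common log format (not taken from the thread).
# IPs come from documentation ranges; the /cgi-bin path is an assumption.
SAMPLE_LOG = """\
198.51.100.20 - - [27/Sep/2002:11:57:40 -0400] "GET /index.html HTTP/1.0" 200 2048
203.0.113.7 - - [27/Sep/2002:11:58:01 -0400] "POST /cgi-bin/formmail.pl HTTP/1.0" 200 512
203.0.113.7 - - [27/Sep/2002:11:58:02 -0400] "POST /cgi-bin/formmail.pl HTTP/1.0" 200 512
203.0.113.7 - - [27/Sep/2002:11:58:03 -0400] "POST /cgi-bin/formmail.pl HTTP/1.0" 200 512
203.0.113.7 - - [27/Sep/2002:11:58:04 -0400] "POST /cgi-bin/formmail.pl HTTP/1.0" 200 512
198.51.100.20 - - [27/Sep/2002:11:59:10 -0400] "POST /cgi-bin/FormMail.pl HTTP/1.0" 200 512
203.0.113.7 - - [27/Sep/2002:12:03:30 -0400] "GET /cgi-bin/formmail.cgi HTTP/1.0" 200 512
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')
# Matches formmail, FormMail.pl, form-mail.cgi, with or without a query string.
FORMMAIL_RE = re.compile(r'/form-?mail(\.pl|\.cgi)?(\?|$)', re.IGNORECASE)

def formmail_hits(lines):
    """Yield (ip, method, timestamp) for each GET/POST to a formmail script."""
    for line in lines:
        m = LINE_RE.match(line)
        if m and m["method"] in ("GET", "POST") and FORMMAIL_RE.search(m["path"]):
            yield m["ip"], m["method"], m["ts"]

def report(lines, min_run=3):
    """Return (hits per IP, runs of >= min_run formmail hits in a row from one IP).

    "In a row" is measured among formmail requests only, so unrelated page
    views logged in between do not break a run.
    """
    hits = list(formmail_hits(lines))
    totals = Counter(ip for ip, _, _ in hits)
    runs = []
    for ip, group in groupby(hits, key=lambda h: h[0]):
        group = list(group)
        if len(group) >= min_run:
            runs.append((ip, len(group), group[0][2], group[-1][2]))
    return totals, runs

if __name__ == "__main__":
    totals, runs = report(SAMPLE_LOG.splitlines())
    print("formmail requests per IP:", totals.most_common())
    for ip, count, first, last in runs:
        print(f"{ip}: {count} formmail requests in a row, {first} to {last}")
```

To run it against a real log, pass an open file object for the domain's access log to `report()` instead of the sample lines.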

dandanfirema
09-27-2002, 03:02 PM
I am sorry no one took the proper time to explain what is going on.

Some older Formmail programs did not require that emails be sent to a specific response address. Therefore, it is possible that a specially crafted HTTP POST could use the form script to send spam out to people on the internet. In order to resolve this, you will need to check each formmail script and ensure that it has a recipient address. If it doesn't, remove it and replace it with a newer version.