My first post.. I read the rules and it seems that this is the place to post. Sorry if I am in wrong thread.
I need help on
NOC says that spam mails are getting through my server and they are right too. AOL sends me reports of 100's of them. I doubt it is a mail script as I see the firstname.lastname@example.org
in the mail logs. I disabled the mail function of PHP. But it is continuing..
My questions to techies here are
1) If possible, how can I block the mail function used in perl/cgi script ?
2) I removed the server's hostname from the /etc/localdomains. Is it a right move ?
3) External domains relay are disabled.
4) How to find the script and who is executing it and which domain ?
5) How can I prevent such attacks in future ?
Thanks for all your help with this