Results 1 to 3 of 3
  1. #1
    Join Date
    Jun 2001
    Posts
    740

    Spam is being sent from my server!

    Hello

    Have any of your seen anything like this before?

    Someone is somehow sending spam via my server.

    Looking at /var/log/exim_mainlog I can see many entries like the following:

    2008-04-07 21:10:43 1Jixfv-0006ad-4Y [= [] H=smtp.inet.fi [192.89.123.192] P=esmtp S=4192 [email protected]
    2008-04-07 21:10:43 1Jixfv-0006ad-4Y =] info [[email protected]] R=virtual_user T=virtual_userdelivery
    2008-04-07 21:10:43 1Jixfv-0006ad-4Y Completed

    So it looks like this is an e-mail being sent to [email protected]

    However when I look at my mail I can see the mails are being sent FROM [email protected]. For example:

    Sorry, but Lyris ListManager did not find your email address
    -] "[email protected]"

    listed as a member of techno-l.

    Only members of techno-l are allowed to contribute messages.

    Because Lyris ListManager could not confirm that you are a member of techno-l, your message was not accepted.

    ---

    Return-Path: [[email protected]]
    Received: from mail.reginamater.com ([201.231.192.60]) by listserver.knowledgeexpress.com with SMTP (Lyris ListManager WIN32 version 8.9a); Mon, 07 Apr 2008 16:01:23 -0500
    Message-ID: [[email protected]]
    From: "gun mella" [[email protected]]
    To: [[email protected]]
    Subject: Don't pay too much for your drugs. Buy from us.
    Date: Mon, 07 Apr 2008 18:15:12 +0000
    MIME-Version: 1.0
    Content-Type: text/plain;
    charset="iso-8859-1"
    Content-Transfer-Encoding: 7bit
    X-Priority: 3
    X-MSMail-Priority: Normal
    X-Mailer: Microsoft Outlook Express 6.00.2900.3138
    X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198

    4 free pills with every order
    http://www.google.fr/pagead/iclk?sa=...timeminute.com


    ...

    There are lots of bounced e-mails being sent back to me.

    Does anyone know how I can check to see what's spending the spam or how to stop it?

    Thanks

  2. #2
    I also experience this. I'm getting a lot of bounced email which I believe because my server send a lot of spam emails. anybody want to at least enlighten us?

    thank you

  3. #3
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    11,686
    Go through, harden your server, recompile php with the appropriate mailheader patches, secure your server from relays.

    Keep your software up to date, and hire an admin, otherwise, you're never, ever going to put this to a stop.
    WHMCS Guru - WHMCS addons, management, support and more.
    WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
    Always looking for Linux, WHMCS, Support Desk work. PM for details

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •