Knowledgebase
help: spam mail from server with unknown person
Posted by seachen, 05-12-2011, 07:01 AM | my server keep sending mail out. i try to figure it out which user but cant find any solutions. any one got experience with this?
below the is logs.
E-Mail Headers
E-Mail Body Chunk:
Log:
|
Posted by aodat2, 05-12-2011, 07:34 AM | From what I could see above (too long and lazy to really read), you are having a script or something like that running.
On the other hand when I see "Unroutable Address" then I'd think that the domain is not resolving. Is your server resolving it's addresses? Considering that you're using a Malaysian line/server, is your DNS resolving correctly?
|
Posted by maeh, 05-12-2011, 11:43 AM | it's looks like php mail header injection. you are using an unsecure script. maybe a contact formular?
|
Posted by m4rc3, 05-12-2011, 12:04 PM | One of the things that is a must on shared servers is to extend exim's logging.
Follow the guide here, http://www.webhostgear.com/118.html
After that exim will log the directory from where the emails are coming, ie: /home/spaminguser/public_html/funky_folder
You can also run a grep for cwd and sort the output to get where are most mails coming from.
|
|
Add to Favourites
Print this Article |
Also Read