The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Are they trying to hack my server??

Discussion in 'General Discussion' started by ghw, Feb 8, 2004.

  1. ghw

    ghw Registered

    Joined:
    May 23, 2003
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    I think someone is trying to hack my server, look to the following mail I receive from the server:

    This message was created automatically by mail delivery software.
    A message that you sent has not yet been delivered to one or more of its
    recipients after more than 24 hours on the queue on server2.ghw.be.

    The message identifier is: 1AonDe-0005vS-CW
    The subject of the message is: http://www.xtremesf.nl/cgi-sys/formmail.pl (194.239.6.131:80) bcc: imagx09@aol.com rryQK M nx6HDfPH9 q9lFFgdGn mMa KR RGXFcIHjz 8G6 rIUEgVQbyn m noCo Z mvHkKZD R ERyr6fOQh ÿFFFFCCabcdefghijklmnopqrstuvqxyzABCDEFGHIJKLMNOPQ.
    The date of the message is: Thu, 05 Feb 2004 18:23:14 +0100

    The address to which the message has not yet been delivered is:

    JLhzB6SLBD@www.xtremesf.nl
    Delay reason: lowest numbered MX record points to local host

    No action is required on your part. Delivery attempts will continue for
    some time, and this warning may be repeated at intervals if the message
    remains undelivered. Eventually the mail delivery software will give up,
    and when that happens, the message will be returned to you.




    imagx09@aol.com: I didn't know who this is, but I allways saw this mail adress the previous time the server was hacked.

    It looks me for: cracking-attempts, I think someone is testing the safety from perl,

    What can I do???

    Thanks,
    J. Verrijt
     
  2. hostultra

    hostultra Well-Known Member

    Joined:
    Aug 21, 2002
    Messages:
    167
    Likes Received:
    0
    Trophy Points:
    16
    This is a spammer trying to check for vulnerable formmail.
    Its not vulnerable they are just checking.

    You need to goto tweak settings in WHM and check the box to ignore the BCC.
     
Loading...

Share This Page