I have over 600 of these going out from my server right now, i just caught it, and i cant find the source!!!!
2003-04-14 15:07:03 195C6Q-0004zd-00 <= [email protected] H=localhost (my.server.com) [127.0.0.1] P=esmtp X=TLSv1:DES-CBC3-SHA:168 S=527120 [email protected]
2003-04-14 15:07:03 195C6I-0004zJ-00 => [email protected] R=lookuphost T=remote_smtp H=not.com [0.0.0.0] X=TLSv1:DES-CBC3-SHA:168
2003-04-14 15:07:03 195C6I-0004zJ-00 Completed
2003-04-14 15:07:08 195C6V-0004zr-00 <= [email protected] H=localhost (my.server.com) [127.0.0.1] P=esmtp X=TLSv1:DES-CBC3-SHA:168 S=527650 [email protected]
2003-04-14 15:07:09 195C6Q-0004zd-00 => [email protected] R=lookuphost T=remote_smtp H=not.com [0.0.0.0] X=TLSv1:DES-CBC3-SHA:168
The only thing i can do it shut down Exim to stop it. How can i find out who this is?
Thats because cpanel allows messages to be send out of the server as nobody!
2003-04-14 15:07:03 195C6Q-0004zd-00 <= [email protected] H=localhost (my.server.com) [127.0.0.1] P=esmtp X=TLSv1:DES-CBC3-SHA:168 S=527120 [email protected]
2003-04-14 15:07:03 195C6I-0004zJ-00 => [email protected] R=lookuphost T=remote_smtp H=not.com [0.0.0.0] X=TLSv1:DES-CBC3-SHA:168
2003-04-14 15:07:03 195C6I-0004zJ-00 Completed
2003-04-14 15:07:08 195C6V-0004zr-00 <= [email protected] H=localhost (my.server.com) [127.0.0.1] P=esmtp X=TLSv1:DES-CBC3-SHA:168 S=527650 [email protected]
2003-04-14 15:07:09 195C6Q-0004zd-00 => [email protected] R=lookuphost T=remote_smtp H=not.com [0.0.0.0] X=TLSv1:DES-CBC3-SHA:168
The only thing i can do it shut down Exim to stop it. How can i find out who this is?
Last edited: