I need some serious help with a SPAM issue on my server. Starting a few weeks ago the server load jumped and I saw a huge increase amount of SPAM being sent from
the server. This is odd since I have everything isntalled and blocked properly. Running pop before smtp, phpsuex etc... I have mod_sec. installed, and I am tracking all of the emails.
I have checked for insecure scripts....
In fact this is on one of my own domains that I own myself.
Relaying is closed
and tested.
All updated are done and running.
APF firewall up and running as well as bfd
I tracked the email logs and here is an example that I got today on this
2006-04-18 05:21:10 1FVpCf-00013R-UX <= [email protected] U=incident P=local S=4517 T="Voce recebeu um cartao" from <[email protected]> for igfreit$
2006-04-18 05:21:10 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1FVpCf-00013R-UX
I have changed the "Incident" Password, that does not do anything.
Any other suggestions?
the server. This is odd since I have everything isntalled and blocked properly. Running pop before smtp, phpsuex etc... I have mod_sec. installed, and I am tracking all of the emails.
I have checked for insecure scripts....
In fact this is on one of my own domains that I own myself.
Relaying is closed
and tested.
All updated are done and running.
APF firewall up and running as well as bfd
I tracked the email logs and here is an example that I got today on this
2006-04-18 05:21:10 1FVpCf-00013R-UX <= [email protected] U=incident P=local S=4517 T="Voce recebeu um cartao" from <[email protected]> for igfreit$
2006-04-18 05:21:10 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1FVpCf-00013R-UX
I have changed the "Incident" Password, that does not do anything.
Any other suggestions?
