The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Spam relaying

Discussion in 'General Discussion' started by PDW, Nov 10, 2004.

  1. PDW

    PDW Well-Known Member

    Joined:
    Dec 29, 2003
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    Ok, here is the problem, I have spam being relayed through my server. Problem is Ive followed all steps to stop it except stopping the mail relay itself. Ive got smtp auth. on, Ive got it all in there.

    any other suggestions, I keep stopping th eguy and he keeps finding another way in.
     
  2. dezignguy

    dezignguy Well-Known Member

    Joined:
    Sep 26, 2004
    Messages:
    534
    Likes Received:
    0
    Trophy Points:
    16
    How do you know you're actually stopping him? Maybe he can just knock the band-aid off each time?

    Have you monkeyed with any of the exim settings? Has Mailscanner or any other mailproxy, scanner or otherwise been inserted into the mailstream?

    You might be looking at a vulnerable script... or less likely a mail account with an easily guessed or default password.

    Search for the additional exim logging covered elsewhere in this forum, implement it, and tail your mail logs, hopefully that will help you find the source.
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Yup. Unless you've changed the standard Exim configuration, it's highly unlikely to be there. Much more likely is a compromised PHP or perl CGI script.
     
Loading...

Share This Page