On 19/01/2007 13:09, Magnus Holmgren wrote: > Well, it's very common for ratware to do that, but you would have to try hard > to make Exim do it (OK, it's not that hard, but it's nothing you do by > mistake). And nothing in Exim's configuration stops other programs from > sending mail directly with SMTP - to stop that you need a firewall setup. It > seems possible that your server has been cracked, especially since it's a web > server.
Ah, the joys of shared hosting. Check your webserver logs too - this could very trivially be a PHP exploit. If one of your domains is suddenly doing a very large amount of web traffic, it could well be that you have a vulnerable script which someone is pumping SMTP rubbish into. Graeme -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
