Right after I posted this I did locate an old version of formmail.pl and disabled it until the customer can replace it with a more secure version. Thanks.
> I got up this morning and discovered that someone sent some spam through > one of my servers. The messages were sent from the 'www' user on > localhost, which is leading me to think somewhere someone has an insecure > php or perl script that is allowing someone to designate the recipient, > the subject, body, etc. I know the machine is not open-relay (I tested it > to double check) and I checked to make sure no one had actually logged in. > I grepped all of apache's log files looking for sites that received hits > about the same time the mail started going out. What else can I do to find > how the mail is being sent? Thanks, > > Joe > > _______________________________________________ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" > _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"