> I finally closed every port on the server <snip> > <snip> it sure was easier than a re-format and reinstall.
And does absolutely zero good if you have been root-kitted and your passwords compromised. Richard, Take Matt's advice. You mail server, and likely other computers in your network, are under control of someone else now. The only way to be safe is to nuke it and change all admin passwords at a minimum. Be sure to make a note that the backups (you do backups don't you?) are infected too and to treat them accordingly in case a restore is needed from them. Good luck, Doug Traylor PS. Now might be a good time to build up that new server you've been wanting and just switch over to it. You know you want to. :o) To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
