Quoting Daniel Pittman <[EMAIL PROTECTED]>:
Which release of SME Server was this? Having done some auditing, and
worked with customers who ran SME Server systems for some years without
incident -- but only on older versions -- I am surprised at this claim.
It is some years ago now...
As I recall the older versions didn't seem to have the problem. I only
found the problem with the 'last two' versions... whatever numbers
they were.. sorry can't remember.
Do you have any supporting evidence for that? Alternately, did the
folks you know write this up anywhere?
We weren't able to track down the exact process that was doing the sending...
Every time you touched the mouse.. or keyed 'ps ax' the sending seemed
to stop.
When it was spamming, we got disconnection threats from our isp...
We noticed that if the machine was totally isolated to the local
network it didn't send anything. If it had internet access then it
would spam.
I'm very certain that if one were to install it fresh from CD on a
fresh machine it would start spamming again. The rogue code (I think)
would still be there.
These are just my opinions... i don't have any logs or enough evidence
to catch it.... quite frankly.... it was too clever for me.....
David
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
