>
> It seems that somebody used one of my sqwebmail servers to spam. Since
> they deleted the From: address it was replaced by [EMAIL PROTECTED]
You could enable nochangingfrom
>
> After checking the maillog, apache access_log and cgi.log, I still can't
> find any indication of an IP or userid.
The sendit.sh has access to all the CGI environment variables.
You could try something like
(echo X-Ident: $REMOTE_IDENT@$REMOTE_HOST $HTTP_X_FORWARDED_FOR;cat) \
|/var/qmail/bin/qmail-inject -f "$AUTHADDR@<foo.bar>"
>
> Is there a way to track this down...or at least make sqwebmail log one or
> both pieces of info?
The IP address definitly should be in your apache log.
Try a grep for "GET /cgi-bin/sqwebmail" or "POST /cgi-bin/sqwebmail"
of your access log(s).
--
Mark Evans
St. Peter's CofE High School
Phone: +44 1392 204764 X109
Fax: +44 1392 204763
