From owner-freebsd-questions@FreeBSD.ORG Sun May 15 17:25:58 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7AD8416A4CE for ; Sun, 15 May 2005 17:25:58 +0000 (GMT) Received: from makeworld.com (makeworld.com [216.201.118.142]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2224543D91 for ; Sun, 15 May 2005 17:25:58 +0000 (GMT) (envelope-from racerx@makeworld.com) Received: from localhost (localhost.com [127.0.0.1]) by makeworld.com (Postfix) with ESMTP id 5A91560D8; Sun, 15 May 2005 12:25:57 -0500 (CDT) Received: from makeworld.com ([127.0.0.1]) by localhost (makeworld.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 01168-03; Sun, 15 May 2005 12:25:53 -0500 (CDT) Received: from [216.201.118.138] (racerx.makeworld.com [216.201.118.138]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by makeworld.com (Postfix) with ESMTP id 9BE2560DA; Sun, 15 May 2005 12:25:48 -0500 (CDT) Message-ID: <4287864E.8050102@makeworld.com> Date: Sun, 15 May 2005 12:26:38 -0500 From: Chris User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050414) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Jerry Bell References: <004001c5596f$89139110$6402a8c0@kevin> <2652.24.98.86.57.1116177233.squirrel@24.98.86.57> In-Reply-To: <2652.24.98.86.57.1116177233.squirrel@24.98.86.57> X-Enigmail-Version: 0.91.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: by ClamAV 0.75.1/amavisd-new-2.3.0 (20050424) at makeworld.com - Isn't it ironic cc: Kevin Pang cc: freebsd-questions@freebsd.org Subject: Re: Spam Problems X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: racerx@makeworld.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 15 May 2005 17:25:58 -0000 Jerry Bell wrote: >>web script. The sender was specified as "www@myhost.com" according to the >>complaint email. I use phpBB, vBulletin and Awstats. > > > Most likely the attacker used a flaw in phpBB or awstats. Are you running > the latest versions of those? Otherwise, it is possible they found a > vulnerability in something else you were running, like apache, php, etc. > > Jerry > http://www.syslog.org In addition to what Jerry states, visit the Postfix site. Learn how to setup, configure, and manage Postfix. If not done right, you may have set it up to be a relay - and that's not a good thing. Lock down Postfix. Ensure you understand all he things you did to it, in the end you may find out you set something wrong, or added something you should not have. -- Best regards, Chris The one ingredient you made a special trip to the store to get will be the one thing your guest is allergic to.