Date: 16 Aug 2010 17:01:34 -0000 From: John Levine <johnl@iecc.com> To: freebsd-questions@freebsd.org Cc: ryan.coleman@cwis.biz Subject: Re: Open Mail Relay Message-ID: <20100816170134.39340.qmail@joyce.lan> In-Reply-To: <BCC7F601-8B85-4506-81A5-39A6D7809538@cwis.biz>
next in thread | previous in thread | raw e-mail | index | archive | help
>> Assume, as Mr. Bonomi suggests, that some bad guy has installed some >type of additional mailer on the machine or another machine that's >allowed to relay mail. How would I go about locating that other mailer? Another popular hack is uploading a PHP script using bugs in a CMS or wiki. Once you have a message with accurate timestamps in the headers, check the web logs at those times, too. R's, John
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100816170134.39340.qmail>