Date: Mon, 15 Aug 2011 13:57:52 -0500 (CDT) From: Robert Bonomi <bonomi@mail.r-bonomi.com> To: alexus@gmail.com, freebsd-questions@freebsd.org Subject: Re: looking for a spammer/virii/malware .... on my system Message-ID: <201108151857.p7FIvqYe038073@mail.r-bonomi.com> In-Reply-To: <CAJxePNKiEmdimqgdtS-jYPOxExL6a489SR5JW2kCd25X6QFuHQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> From owner-freebsd-questions@freebsd.org Mon Aug 15 12:37:33 2011 > Date: Mon, 15 Aug 2011 13:05:15 -0400 > From: alexus <alexus@gmail.com> > To: freebsd-questions@freebsd.org > Subject: looking for a spammer/virii/malware .... on my system > > I received a SPAM complain from my ISP and we're trying to figure out > what/where the problem is... > > from headers: > > Received: from 64.237.55.83 by webmail.west.cox.net; Sun, 14 Aug 2011 > 18:43:41 -0400 > > 64.237.55.83 is an IP that resides on my box, obviously I'm not > sending out any spam intentionally, so maybe some of my users do and > not necessarily intentionally either could be a virus or malware or > whatever doesn't really matter, I just want to stop it. > > so just for now I did this > > su-3.2# ipfw add 666 deny ip from any to webmail.west.cox.net via any > 00666 deny ip from any to 68.6.19.1 > su-3.2# > > what else can I do to find it on my system who's trying to connect to > remote webmail.west.cox.net ? > > > -- > http://alexus.org/ > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201108151857.p7FIvqYe038073>