From owner-freebsd-questions@FreeBSD.ORG Mon Aug 15 19:35:33 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A714F1065670 for ; Mon, 15 Aug 2011 19:35:33 +0000 (UTC) (envelope-from alexus@gmail.com) Received: from mail-pz0-f45.google.com (mail-pz0-f45.google.com [209.85.210.45]) by mx1.freebsd.org (Postfix) with ESMTP id 81F488FC1B for ; Mon, 15 Aug 2011 19:35:33 +0000 (UTC) Received: by pzk33 with SMTP id 33so5738226pzk.18 for ; Mon, 15 Aug 2011 12:35:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=2ziJOAhzQkJGtDF2QtpkEwdfOr4XVTP0+aXTTXOHOnE=; b=np+ai5eUqfXC7nHdiHjnWeLbkmJ15UlKDrrEz+43vtP+MtkjLswIW3GKlxeeCG6Zxa g9taYnhcExr+lHQYRMG6pxiJSoDf2xAwydYSWjms7wwtLHnYfJcBiziN6q1w5cFNxXo4 Gnh7O8OjciHglsEsf0VA3pLb1klNGpaN7QqWY= MIME-Version: 1.0 Received: by 10.142.248.36 with SMTP id v36mr2111319wfh.414.1313436932849; Mon, 15 Aug 2011 12:35:32 -0700 (PDT) Received: by 10.68.60.97 with HTTP; Mon, 15 Aug 2011 12:35:32 -0700 (PDT) In-Reply-To: <201108151857.p7FIvqYe038073@mail.r-bonomi.com> References: <201108151857.p7FIvqYe038073@mail.r-bonomi.com> Date: Mon, 15 Aug 2011 15:35:32 -0400 Message-ID: From: alexus To: Robert Bonomi Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-questions@freebsd.org Subject: Re: looking for a spammer/virii/malware .... on my system X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Aug 2011 19:35:33 -0000 Robert Bonomi: I didn't received anything from you other then part of my own email... On Mon, Aug 15, 2011 at 2:57 PM, Robert Bonomi w= rote: >> From owner-freebsd-questions@freebsd.org =C2=A0Mon Aug 15 12:37:33 2011 >> Date: Mon, 15 Aug 2011 13:05:15 -0400 >> From: alexus >> To: freebsd-questions@freebsd.org >> Subject: looking for a spammer/virii/malware .... on my system >> >> I received a SPAM complain from my ISP and we're trying to figure out >> what/where the problem is... >> >> from headers: >> >> Received: from 64.237.55.83 by webmail.west.cox.net; Sun, 14 Aug 2011 >> 18:43:41 -0400 >> >> 64.237.55.83 is an IP that resides on my box, obviously I'm not >> sending out any spam intentionally, so maybe some of my users do and >> not necessarily intentionally either could be a virus or malware or >> whatever doesn't really matter, I just want to stop it. >> >> so just for now I did this >> >> su-3.2# ipfw add 666 deny ip from any to webmail.west.cox.net via any >> 00666 deny ip from any to 68.6.19.1 >> su-3.2# >> >> what else can I do to find it on my system who's trying to connect to >> remote webmail.west.cox.net ? >> >> >> -- >> http://alexus.org/ >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.= org" >> > --=20 http://alexus.org/