+ Reply to Thread

Results 1 to 1 of 1

Thread: Tracing script spamming

LinkBack
- LinkBack URL
- About LinkBacks
- Bookmark & Share
- Digg this Thread!
- Add Thread to del.icio.us
- Bookmark in Technorati
- Furl this Thread!
Thread Tools
Display
- Linear Mode
- Switch to Hybrid Mode
- Switch to Threaded Mode

04-20-2010 03:20 AM #1

karl
Administrator

Join Date

Mar 2010

Posts

76

Tracing script spamming

Tracing script spamming

Open exim.conf

pico -w /etc/exim.conf

Find this;

hostlist auth_relay_hosts = *

After hostlist auth_relay_hosts = *

add

log_selector = \ +address_rewrite \ +all_parents \ +arguments \ +connection_reject \ +received_sender \ +received_recipients \ +subject \

Save and restart exim.

Then you can see extra information for each smtp connection made to server. If any user on your server sending emails with php scripts then you can see path of script folder too. Here is an example;

2003-06-27 14:06:18 cwd=/home/usersite/public_html/forums 3 args: /usr/sbin/sendmail -t -i 2003-06-27 14:06:18 19W0QE-0001Nr-1b "nobody@srv05.primenet.cc" from env-from rewritten as ""usersite.com" <minx@usersite.com>" by rule 1

Karl
Ahosting, INC
Reseller Hosting

Reply With Quote

+ Reply to Thread

« Previous Thread | Next Thread »

Posting Permissions

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

All times are GMT. The time now is 01:26 AM.

Powered by vBulletin™ Version 4.0.0
Copyright © 2012 vBulletin Solutions, Inc. All rights reserved.
Content Relevant URLs by vBSEO