If it is going to someone you know over and over (aka a client) it could be a contact us page.
Mark. maillists wrote:
Hello List,I have been trying to isolate attacks on my server where someone is using apache to send spam from my host. I have been hit quite a bit in the past 2 days. Some of my websites have web forms, but I'm pretty surethat they are tight.This is a new line item in my daily Logwatch in the sendmail area that just started to appear with the spam attacks: <snip> Authentication warnings: apache set sender to info@xxxxxxxxx using -f: 7 Times(s) </snip> (info@xxxxxxxxx is a real user on my host.) Does anybody know what this means? Where should I start to find the problem? I am using Redhat9 Apache/2.0.40 php-4.2.2-17.2 sendmail-8.12.8-9.90 sendmail-cf-8.12.8-9.90 mailscanner-4.23-11 mailscanner-mrtg-0.05-3 clamav-0.88 Interchange 5.4 Thanks! Rick --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
-- ___________________________________________ Mark McCulligh, Web Consultant VisualTech Components www.VisualTech.ca mmcculli@xxxxxxxxxxxxx (519)318-7905 --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|