Re: [Exim] heavy load - being an open relay?

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Suresh Ramasubramanian
Ημερομηνία:  
Προς: Daniel W., exim-users
Αντικείμενο: Re: [Exim] heavy load - being an open relay?
"Daniel W." <Dan.White@???> writes:

> I recently discovered my box is under heavy load and investigated a
> bit. A "ps ax" showed me quite a lot exim processes. A closer look at
> the "mainlog" logfile showed me lines like the following ones:
> 2002-09-25 11:47:09 17u8l8-0004uJ-00 <= <> H=mc2-s12.law16.hotmail.com
> [65.54.237.61] P=esmtp S=9739

id=3OCcSkpLi00001d3e@???
> 2002-09-25 11:47:09 17u8l8-0004uJ-00 => epico <nobody@???>
> D=localuser T=local_delivery


All these are bounces delivered locally

Either you have an exploited formmail.pl or other insecure perl script, or
someone is forging spam with your domain in the from and you are getting the
bounces.

    -srs