Re: [Exim] Exim or linux virus? No headers other than what's…

Top Pagina
Delete this message
Reply to this message
Auteur: Chris Sparnicht
Datum:  
Aan: exim-users
Onderwerp: Re: [Exim] Exim or linux virus? No headers other than what's been sent.
Hi Kevin, Nico

The funny thing I've been trying to relate is that there are no headers.
Even when I check it in pine, there are none - just exactly what I've
passed on. Perhaps there is a function for viewing headers in pine
that has escaped me, but the email is eerily devoid of any information
that could give me a trace to the offending IP.

It would be wrong for me to attach it as a forward to the list,
knowing it contains a virus, eh?

Perhaps it *is* a ghost. :-O

Cheers,

Chris


----- Original Message ----- >
> > Greetings!
> >
> > I am not currently running exim on my site, however, I keep getting spam from
> > somebody who is running exim. Strangely, it seems to be coming from my
> > site, but there seems to be no IP trail in the header to check one way
> > or another exactly where the email is coming from. I'd almost swear it
> > has to be coming from my site because it says it's bouncing from my
> > website, and yet when I go into shell and use 'locate exim' as su, I see
> > no example of exim anywhere on my box.
> >
> > Here is an example the virus-laden spam.
> > Please note - it's always involving this Lara Croft site, it's always
> > got a virus, probably in the midi file attachment, but the
> > email address to which it's posted changes.
> >
> > Is it likely that someone has found a way to open a smtp relay
> > through my site or is exim just lean enough that it doesn't give
> > away IP trails in the header?
>