Re: [exim] error!am i hacked?

Pàgina inicial
Aquest missatge és part del següent fil:
M+\l'arbre de fils complet ordenat per data
MMMRyan Kerwin Macrohon en <-
.MMAlan J. Flavell en ->
Delete this message
Reply to this message
Autor: Tim Jackson
Data:  
A: Ryan Kerwin Macrohon
CC: exim-users
Assumpte: Re: [exim] error!am i hacked?
> Guys!!there are many messages that I receive...when i read the logs, this
> is what it mostly say...Am i compromised!!!any comment would be of big
> help!!!

[snip lots of messages from mail@??? to mail@???]

Quite possibly, to some extent. You didn't show the log excerpts of the
messages entering your system, nor say what else (if anything) the machine
is doing other than handling mail. There are many possibilities, of which
the below are only some:

- If it's a webserver too, it's quite possible that you just have an
insecure mail form of some description (especially with the current PHP
header injection automated exploits that are doing the rounds). It could
also be a compromise via phpBB or some other vulnerable web app

- you could have a malicious user on your machine

- if you use SMTP AUTH, maybe one of your users has got a weak password
that has been bruteforced

- if this machine is a mail hub, maybe one of your users has a
virus/trojan, or maybe one of the other machines it relays for is
compromised

Tim


Aquest missatge es va enviar a les següents llistes de correu:
Exim-users
Informació sobre la llista de correu | Missatges propers		<-Re: [exim] exim as secondary, need it to re-write some headersRe: [exim] error!am i hacked?->
Tahini and Hummus and Cumin Development Archives administrat per cumin AdminsLurker (versió 2.3)