I have posted here before, but it seems to me that I was not clear enough about
the situation and what the problem is.
Our server gets bombarded with email, and we think some of these emails
contain some sort of encrypted scripts which get executed by the server.
We will receive a randomly generated e-mail, for example with the address
3732328727432.8942847284@??? , then this email gets converted into
several messages with different recipient addresses, which get sent out in
relay fashion. Those numbers are automatically generated, so we cannot deny
service to any header containing that e-mail address; every single one of
them is unique. The content of the email is total gibberish to us; it is all
encoded. We know because when we watch the queue we see the above message
being received and then several other messages get added after it. If we
wait and try to open it, the original message gets automatically deleted,
probably by the script it contains.
The more interesting thing is that where the content says IMAGE, there is no image and no
attachments to the original message, just some code. Some of the code is
pairs of characters in HEXADECIMAL code, numbers 1 to 0 and letters A to F;
some have true binary code listed in them, all 1's and 0's; and some have just
random characters, probably encrypted... The problem is that when I try to read
some of these emails I get instantly warned about some sort of virus attacking
my computer, so I assume that whatever is in those emails gets executed in
my browser when I access, for example, the mail queue manager in webhost at root
level.
On our receiving end we get thousands of emails rejected by other servers,
either for spam or virus content.
To understand the situation fully: it is like having a DDoS attack. It brings our
server to a standstill and all our applications are collapsing. We get
continuous warning messages for exim fail, pop fail and imap fail. It is
getting so difficult that we are not even able to log in as root to see
what is going on. This problem started about 2 months ago, and it seems that
everything we try is futile. We cannot stop this.
We appreciate any help and directions on this matter from anyone who can
help us.
--
View this message in context:
http://www.nabble.com/e-mail-problems-on-linux-using-exim-t1732951.html#a4708742
Sent from the Exim Users forum at Nabble.com.