Autor: Graeme Fowler Data: Para: exim users Asunto: Re: [exim] Am I Hacked?
On 04/01/2007 15:01, Rick Lutowski wrote: > Any comments on the bounce msg?
It looks from here like your domain is being used in a spam run, and not
necessarily through your machine (although this isn't conclusive).
You're either catching the bounces, and bouncing them yourself, or
you're accepting-and-bouncing nonexistent local recipients. That's what
all the messages of form:
unknown local-part "blah" in domain "jreality.com"
mean. The version of Exim you're running is so old that you have almost
no defence against the kind of trick Renaud Allard has demonstrated. You
*need* to upgrade.
By the way, having a portmapper hanging its' backside out at the world
is a good way to get 0wn3ed. Turn it off (or firewall it out).
