Re: [exim] my IP blacklisted at CBL issues with HELO'ing

Top Pagina
Deze boodschap maakt deel uit van devolgende draad:
Mde volledige draad-boom gesorteerd op datum
MMarkus Hardiyanto op <-
M\Markus Hardiyanto op ->
Delete this message
Reply to this message
Auteur: Graeme Fowler
Datum:  
Aan: exim-users
Onderwerp: Re: [exim] my IP blacklisted at CBL issues with HELO'ing
On 19/01/2007 13:09, Magnus Holmgren wrote:
> Well, it's very common for ratware to do that, but you would have to try hard
> to make Exim do it (OK, it's not that hard, but it's nothing you do by
> mistake). And nothing in Exim's configuration stops other programs from
> sending mail directly with SMTP - to stop that you need a firewall setup. It
> seems possible that your server has been cracked, especially since it's a web
> server.

Ah, the joys of shared hosting.

Check your webserver logs too - this could very trivially be a PHP
exploit. If one of your domains is suddenly doing a very large amount of
web traffic, it could well be that you have a vulnerable script which
someone is pumping SMTP rubbish into.

Graeme


Deze boodschap werd naar devolgende mailinglijsten gestuurd:
Exim-users
Mailing Lijst Info | Nabije Berichten		<-Re: [exim] my IP blacklisted at CBL issues with HELO'ing[exim] Generic reverse DNS->
Tahini and Hummus and Cumin Development Archives beheerd door cumin AdminsLurker (versie 2.3)