Thank you for your answer.
My web server and email server are the same.
I don't know what to look for in the web logs.
I just looked in the acces_log and find one GET on awstats cgi that
doesn't seems abnormal.
Could you help me ?
Regards
Paul.
Drav Sloan a écrit : > Paul LUNETTA wrote:
>
>> Hi,
>>
>> I am pretty sure that i have a breach in my security.
>> I doubled the capacity of SMTP accepted
>>
>> smtp_accept_max = 100 (instead of 50)
>> smtp_accept_max_per_host = 50 (instead of 25)
>>
>> and it has been fullfilled while there was only 2 internal users connected !
>>
>> I made some "open relay" tests. All say "ok"
>> How can I really test my security and/or trace these spammers ?
>>
>> Thank you if you can help and sorry for my poor english.
>>
>
> I note that in the original post (tho obfusicated), that a web
> server was involved. Is there a rogue cgi which is being used
> to submit mail perchance? You could check your web logs to
> confirm.
>
> Regards
>
> D.
>