On 05/09/12 11:16, Cyborg wrote:
> I had several hacks where the attackers exploited a wordpress
> (etc.) , installed theire own spamming software, and used it to
> flood the world with unwanted mailspam.
FWIW, in a previous role we had a shared web hosting system where this
happened occasionally, so I used iptables to block users from making
outgoing connections on port 25 and then added per-uid rate limits to
the local Exim installation. Each website ran under its own uid.
Solved the problem entirely, with very little work.
- --
Mike Cardwell https://grepular.com/ http://cardwellit.com/
OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
