Gurus,
I have an old 4.0D box that has been a web server since the titanic was built. Unfortunatly it is still being used, and the handfull of customers have all sorts of individual customised cgi's.
SpamCop has indicated that this box may have been comprimised, and being used as a relay, however a telnet mail.server 25 still gives a 550 relay reject error. So I think someone is routing the mail through a local cgi.
I chmod -x /usr/lib/sendmail, however I need to have that enabled for legite mail. Can someone please give me guidnace in detmining where this mail might be spawning from. I dont want this /24 ending up on a spam list.
Cheers
Cian
Received on Sun Jun 09 2002 - 15:18:57 NZST