[NCLUG] spam problem with qmail
mherndon at lamar.colostate.edu
Mon Jan 12 18:32:49 MST 2004
I've a little experience with Linux, but consider myself very much so a newbie
in this arena.
I have a mail server running Slackware with qmail 1.03.
Over the last couple of days, the server has been compromised and appears to
be relaying spam. When I generate a ps aux, it informs me that it's running
on qmail-remote process. The qmail-queue reflects 1000's of messages with the
from address showing the same address everytime. The address reflected was
actually an alias account which has since been removed.
I'm in the process of removing all messages from the qmail-queue related to
that address, and I have already killed the qmail processes.
I'm stumped on what I need to exactly do now. I would be greatful for any
help or suggestions.
More information about the NCLUG