[NCLUG] spam problem with qmail

mherndon mherndon at lamar.colostate.edu
Mon Jan 12 18:32:49 MST 2004

Hello all,

I've a little experience with Linux, but consider myself very much so a newbie 
in this arena.

I have a mail server running Slackware with qmail 1.03.

Over the last couple of days, the server has been compromised and appears to 
be relaying spam.  When I generate a ps aux, it informs me that it's running 
on qmail-remote process.  The qmail-queue reflects 1000's of messages with the 
from address showing the same address everytime.  The address reflected was 
actually an alias account which has since been removed.

I'm in the process of removing all messages from the qmail-queue related to 
that address, and I have already killed the qmail processes.

I'm stumped on what I need to exactly do now.  I would be greatful for any 
help or suggestions.

Thanks.  -Mark

More information about the NCLUG mailing list