Delia Wakelin wrote:
I have recently been informed that my machine is relaying spam.Need some help to identify the problem. I have had sendmail switched off on a suse 7.3 machine.
Take a look into the logfiles of sendmail (/var/log/mail?) and grep for the sending address, that helps you to identify the spam and the source. also grep your Webserver logfiles for *mail* maybe a script is on your maschine (uploaded by a user maybe?)
here is the gist of the problem - my machine aaa.bbb.cc.dd.
It seems they are using wwwrun - does that mean it is via php? Where and how should I block this
php is one possibility, another is cgi (perl etc.). you can try to use filterrules on your box that block mail from your webserver, but that makes you unable to send mails via the webserver (maybe a webmailer etc.) -- intraDAT AG http://www.intradat.com Wilhelm-Leuschner-Strasse 7 Tel: +49 69-25629-0 D - 60329 Frankfurt am Main Fax: +49 69-25629-256 Junk mail is war. RFCs do not apply.