Mailinglist Archive: opensuse-security (409 mails)

< Previous Next >
Re: FW: [suse-security] sendmail spam
  • From: Anders Johansson <andjoh@xxxxxxxxxxxxxxxxxxxxx>
  • Date: Tue, 6 Aug 2002 12:08:51 +0200
  • Message-id: <200208061208.51675.andjoh@xxxxxxxxxxxxxxxxxxxxx>
On Tuesday 06 August 2002 12:14, rutger wrote:
> hello peter,
> do you mean formmail.pl??
> and do you think then someone is using an
> formular on one of our server's webpages??
> but how could that possibly be relayed??

Do you have a web page that sends mail to someone at your company, say a
"contact us" page, for instance? And does that page store the "to" address in
the html, in a hidden variable? If that's the case, all a person has to do is
use "...&mailto=foo@xxxxxxx&..." to send the mail to foo@xxxxxxx through your
server.

Compare the mail log with the web server's access log. That might show you
which page on your server has been used

regards
Anders

< Previous Next >
Follow Ups
References