Do anybody have any ideas on this e-mail? My admin inbox was full of these e-mails this morning, I don't know if
they're for real, or what... Can someone please advice? There is one phpbb running on the server...
HEADERS:
Return-Path:
Received: from mail.the-server.net ([unix socket])
by iris (Cyrus v2.1.15) with LMTP; Sat, 25 Dec 2004 00:50:24 +0100
X-Sieve: CMU Sieve 2.2
Received: from localhost (localhost [127.0.0.1])
by mail.the-server.net (Postfix) with ESMTP id D8D11CA8E;
Sat, 25 Dec 2004 00:50:23 +0100 (CET)
Received: from mail.the-server.net ([127.0.0.1])
by localhost (iris [127.0.0.1]) (amavisd-new, port 10024) with LMTP
id 13131-05-2; Sat, 25 Dec 2004 00:48:50 +0100 (CET)
Received: by mail.the-server.net (Postfix, from userid 30)
id 00F16C874; Sat, 25 Dec 2004 00:48:48 +0100 (CET)
Date: Sat, 25 Dec 2004 00:48:48 +0100
To: postmaster, hostmaster, abuse, admin, root
Subject: YOUR SERVER HAS BEEN HACKED
Message-ID: <41CCAAE0.mailC4S112L68@iris.the-server.net>
User-Agent: nail 10.5 4/27/03
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
From: wwwrun (WWW daemon apache)
X-Virus-Scanned: by Kaspersky, NOD32 & F-Secure at the-server.net
MESSAGE BODY:
YOUR SERVER HAS BEEN OWNED VIA PHPBB, PLEASE UPGRADE PHP AND PHPBB IMMEDIATELY