Solved

Spam using apache

Posted on 2003-11-18
5
298 Views
Last Modified: 2010-03-04
Hi, Im running mandrake 7.2 with sendmail 8.11  and apache 1.3.12 (I know it's old, but its a bit tricky to upgrade that server at the moment). We received some complaints that our server had been used to spam, and when I looked at the sendmail logs, it shows an email being sent nearly every second but it says "from=apache" and I havent got a clue how they're doing this. There are a few websites on that server that have formmail (perl) and php contact pages that have the to field already specified, could this be the cause?

Also, could it be that its because I'm running old versions of apache and or sendmail? Whats the best way to stop this person spamming through my server?
0
Comment
Question by:choccarlm
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 16

Accepted Solution

by:
_nn_ earned 125 total points
ID: 9769911
If that formmail.pl is the ol' "Matt's" one, then I'd recommend to replace it asap with the one provided at http://nms-cgi.sourceforge.net/
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 9779934
I agree with _nn_ - there were a number of security issues in the old Matt's script archive formmail - see:

http://www.monkeys.com/anti-spam/formmail-advisory.pdf
http://www.toto.com/cgi-bin/periwinkle/newsget?id=A00083
http://www.toto.com/cgi-bin/periwinkle/newsget?id=A00065

(also go to http://www.securityfocus.com/search and search on formmail )
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 9922153
If the formail.pl script is being used to email you only, and you don't mind receiving the odd bit of SPAM, you can configure the formail script to pass all the environemntal variables to the script, and actually start to locate the person responsible for the spamming. I personally hardcode the 'to address' in all my scripts wherever possible in order to prevent this type of abuse of the script.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question