I have a dedicated server using linux and apache that is being exploited by someone using it to relay spam. They have been able to exploit the server via a php formmail script I have been using. I have this script running on dozens of web sites, so changing the script is not the solution. I have since installed a robots.txt blocking these files from being picked up by the spam robots.
I also get messages like this about a virus from one bogus alias on my domain to another bogus alias:
This is a message from the MailScanner E-Mail Virus Protection Service
----------------------------------------------------------------------
The original e-mail attachment "information.zip"
was believed to be infected by a virus and has been replaced by this warning
message.
If you wish to receive a copy of the *infected* attachment, please
e-mail helpdesk and include the whole of this message
in your request. Alternatively, you can call them, with
the contents of this message to hand when you call.
At Sat Apr 1 10:56:49 2006 the virus scanner said:
ClamAV Module: information.ht.scr was infected: Worm.Mytob.CA
MailScanner: Windows Screensavers are often used to hide viruses (information.ht.scr)
Note to Help Desk: Look on the WebDesign MailScanner in /home/virtual/site16/fst/var/spool/mail.quarantine/20060401 (message k31IuZrQ005959).
--
Postmaster
MailScanner thanks transtec Computers for their support
Unfortunately I am a designer and not a programmer so I know next to nothing about how to go about solving this problem and my mail and server are going down too often. I have talked to my server guys but they don't seem to know what do to about it. Can someone recommend a plan of action for me to take to stop this from happening once and for all?
Thank you!
I also get messages like this about a virus from one bogus alias on my domain to another bogus alias:
This is a message from the MailScanner E-Mail Virus Protection Service
----------------------------------------------------------------------
The original e-mail attachment "information.zip"
was believed to be infected by a virus and has been replaced by this warning
message.
If you wish to receive a copy of the *infected* attachment, please
e-mail helpdesk and include the whole of this message
in your request. Alternatively, you can call them, with
the contents of this message to hand when you call.
At Sat Apr 1 10:56:49 2006 the virus scanner said:
ClamAV Module: information.ht.scr was infected: Worm.Mytob.CA
MailScanner: Windows Screensavers are often used to hide viruses (information.ht.scr)
Note to Help Desk: Look on the WebDesign MailScanner in /home/virtual/site16/fst/var/spool/mail.quarantine/20060401 (message k31IuZrQ005959).
--
Postmaster
MailScanner thanks transtec Computers for their support
Unfortunately I am a designer and not a programmer so I know next to nothing about how to go about solving this problem and my mail and server are going down too often. I have talked to my server guys but they don't seem to know what do to about it. Can someone recommend a plan of action for me to take to stop this from happening once and for all?
Thank you!