My FC3 machine appears to be compromised, please help

[Les Mikesell]

On Thu, 2006-04-06 at 12:24, Paul Howarth wrote:
> > 
> > Couldnt similar be achieved by making temporary entries in /etc/hosts
> > without having to install anything?
> 
> No, because sendmail can't lookup MX records using the hosts file and 
> will always try DNS first, regardless of nsswitch.conf settings.

>From what has been posted so far, the MX records appear to
be right and CNAMES aren't particularly involved in mail
delivery except to the extent that any MX records associated
with the target are inherited by the CNAME, but that doesn't
seem to be the case here. 

The only thing that might confuse sendmail about its name
is the reverse lookup for its interface address and that
still looks right from here:

nslookup 83.104.235.34
Non-authoritative answer:
34.235.104.83.in-addr.arpa      name = rbrennan.demon.co.uk.

Does that give a different answer on the machine in question?

-- 
  Les Mikesell
   lesmikesell at gmail.com