Postfix hit again (Spam)
CodeHeads
codeheads at gmail.com
Tue May 23 00:13:41 UTC 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
After the rebuild, everything was fine for 24 hours and it happened again.
I did uncomment some mods that I was not using in Apache. Maybe that helped a
bit. I am going through all the mods to make sure I need them or not.
As soon as this happened, before shutting down postfix did the following:
lsof
netstat -atu
Of course I piped them to text files.
Here is a link to them both. To long to post them here.
During the incident:
http://code-heads.com/lsof.txt
http://code-heads.com/net.txt
As you can see there was connections. But it was from my own network???
Here is after I shut down postfix:
http://code-heads.com/lsof1.txt
http://code-heads.com/net1.txt
Normally I do not like to post this on my site but I think someone can help
here.
Looks like they are coming in through Apache???
Apache => httpd-2.0.54-10.3
OS => Fedora4
SELinux => enforcing mode
If you need any more info let me know.
Sorry, still learning all this stuff.
I am going through these file now to see the difference.
Geesh, this is getting ridiculous LOL
Will
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEclO1fw3TK8jhZrsRAqTlAKDBddPMv5J6vwrqhkp4uwdO0PlbOgCfRh5z
6SAPoEIspox2A8NRlkRE9p4=
=66Ck
-----END PGP SIGNATURE-----
More information about the fedora-list
mailing list