Hello,
Some one is using my server to send emails, emails are going out from nobody (or whatever generic email I have setup in the control panel’
Is there anything I can do on the qmail configuration to stop those,
They could be using php or perl, but i searched the server i could not find from where
Any help
Issam
Hi Issam,
One thing you can do temporarily, assuming the exploit is coming from a php script, is to edit the /etc/php.ini file and add “mail” to the list of functions that aren’t allowed.
disable_functions = “mail”
and restart the webserver. It can be tricky to track down where the security hole is. Often times some things that help are looking for suspicous files under /tmp, /var/tmp, and /dev/shm, and comparing their timestamps to the apache log files (/home//var//logs/transfer.log)
If you need help tracking this down this time you could open a support ticket with login info and we could take a look.
Paul