--On Tuesday, July 15, 2003 8:17 PM -0600 John Brown <jmbrown@chagresventures.com> wrote:
Nope, I thought it might be operational in nature. ergo spammers and others now scanning for qmail-smtp-auth patch users and using those weak sites as a relay.
I think this *is* operational in nature. FYI, we have found this hack actively being used on seemingly secure qmail, exchange, IMail, postfix servers run by admins with clue. And we have a pattern of the same content and an apparent small set of source IPs. (I'm working on that angle now) Check your mail logs campers. -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -= Margie Arbon Mail Abuse Prevention System, LLC margie@mail-abuse.org http://mail-abuse.org