www-data sending spam mail hot to stop this?
www-data@domain name U=www-data P=local S=2299
2015-07-08 16:34:28 1ZCn9Q-0003u1-SL crammd5 authenticator failed H=smtp-********* [...] Error: authentication failed: authentication failure
2015-07-08 16:34:29 1ZCn9Q-0003u1-SL => alberto53141@outlook.com Alberto53141@outlook.com R=smarthost T=remotesmtpsmarthost H=smtp.....auth.iitb.ac.in [10.200.1.125] X=TLS1.0:RSAAES256CBC_SHA1:32 DN=“serialNumber=ds1qY45ldiSbrKEu29LdIyx57hEV0mpa,C=IN,ST=———-,L=——–i,O=—————–,OU=——————————–,CN=*.domain name”
2015-07-08 16:34:29 1ZCn9Q-0003u1-SL Completed
repeatadely going mails to different idies plz help i am newbie to exim. and linux also
One of your scripts on your website has been compromised.
let’s find the culprit. If you started getting this a day ago:
This will find all files modified in the last day
Change the “-1” to the number of days this has been going on
Also, try this:
This won’t catch them all, and there will be false positives, but it’s a place to start.
Also, stop postfix until you resolve this issue.
thanks JonsJava but in my exim4 logs, i m having logs from 29- jun 2015 to till today.
and in this logs showing all the activity above. i will try the above steps
JonsJava any clue ?????