rolo2912 Posted July 7, 2014 Posted July 7, 2014 Got an email from my blacklist-monitoring service with the following content: Various sorts of open proxies. An open proxy is generally a web server that allows email sending to piggyback on a script that sends email. Dedicated Spam BOTs used to send spam. Worms/viruses that do their own direct mail transmission. Trojan-horse or "stealth" spamware. Did anyone else ever experience this? Checked the log-files but cant find any unusual activities. Could it be that the spam is sent out "under the radar" not loged in the logfiles? How can I check if the webserver is an open proxy? Thank you for any advice.
rolo2912 Posted July 7, 2014 Author Posted July 7, 2014 That is the problem. No unusual activity. I have logwatch running and the outgoing emails reported are not a lot and all send to the typical receipient. My question is if there are modifications out there that bypass the standard MTA and use the server to send out spam? If yes, how can they be detected?
d00p Posted July 8, 2014 Posted July 8, 2014 try something like this: https://www.rfxn.com/projects/linux-malware-detect/ - found a few things for me when i needed it
Question
rolo2912
Got an email from my blacklist-monitoring service with the following content:
Did anyone else ever experience this?
Checked the log-files but cant find any unusual activities. Could it be that the spam is sent out "under the radar" not loged in the logfiles?
How can I check if the webserver is an open proxy?
Thank you for any advice.
4 answers to this question
Recommended Posts
Archived
This topic is now archived and is closed to further replies.