rolo2912 Posted July 7, 2014 Share Posted July 7, 2014 Got an email from my blacklist-monitoring service with the following content: Various sorts of open proxies. An open proxy is generally a web server that allows email sending to piggyback on a script that sends email. Dedicated Spam BOTs used to send spam. Worms/viruses that do their own direct mail transmission. Trojan-horse or "stealth" spamware. Did anyone else ever experience this? Checked the log-files but cant find any unusual activities. Could it be that the spam is sent out "under the radar" not loged in the logfiles? How can I check if the webserver is an open proxy? Thank you for any advice. Link to comment Share on other sites More sharing options...
d00p Posted July 7, 2014 Share Posted July 7, 2014 mail logs? Link to comment Share on other sites More sharing options...
rolo2912 Posted July 7, 2014 Author Share Posted July 7, 2014 That is the problem. No unusual activity. I have logwatch running and the outgoing emails reported are not a lot and all send to the typical receipient. My question is if there are modifications out there that bypass the standard MTA and use the server to send out spam? If yes, how can they be detected? Link to comment Share on other sites More sharing options...
d00p Posted July 8, 2014 Share Posted July 8, 2014 try something like this: https://www.rfxn.com/projects/linux-malware-detect/ - found a few things for me when i needed it Link to comment Share on other sites More sharing options...
rolo2912 Posted July 8, 2014 Author Share Posted July 8, 2014 Thanks so much for this link. Installed it. Link to comment Share on other sites More sharing options...
Question
rolo2912
Got an email from my blacklist-monitoring service with the following content:
Did anyone else ever experience this?
Checked the log-files but cant find any unusual activities. Could it be that the spam is sent out "under the radar" not loged in the logfiles?
How can I check if the webserver is an open proxy?
Thank you for any advice.
Link to comment
Share on other sites
4 answers to this question
Recommended Posts
Archived
This topic is now archived and is closed to further replies.