Hi all, 

I am having a serious spamming problem.  The problem is that the
emails do not seem to be taking the normal route.  Here are the
full headers:

X-From-Line: foo@bar  Wed Jan 26 16:50:04 2000
X-Gnus-Mail-Source: directory:/home/dominic/email/incoming/
Message-ID: <m3n1psfp56.fsf@totally-fudged-out-message-id>
X-Sorted: SPAM
Lines: 64
Xref: rlevesque.com spam:172
X-Gnus-Article-Number: 172   Wed Jan 26 17:23:49 2000

There are no "Received" headers.  Even the subsystem mail has
Received headers showing the path the message has traveled.  

I have no idea how the mail is getting in /var/spool/mail/$USER.  

I am using fetchmail to fetch my mail from a POP3 server.  Usually
fetchmail is started automatically through /etc/ppp/ip-up.local.
For now I will do it by hand to see if I could see something
suspicious.

I am also investigating the rpm package and non rpm files to see if
I can see something suspicious...

Any idea on how to proceed to investigate the problem?  Bob
Mitchell has already given me some suggestions:


-  setting up ipchains-firewall
-  run rpm -Va
-  Check ls, ps, top, etc. to make sure they are OK.
-  Look for files that do not belong to rpms ( he sent me a perl
   script to do part of that job ). 
-  investigate the processes running
-  use netstat
-  shutting down unused daemons
-  check the log file

If anyone can help me figure this one out I would appreciate any
help on the matter.

Thanks

Dominic.

-- 
==================================================================
Dominic Mitchell             Email: [EMAIL PROTECTED]
Department of Economics      mailto:[EMAIL PROTECTED]
Queen's University
Kingston, Ontario            The XXI century starts on 2001-01-01!
Canada, K7L 3N6              Le XXI siècle débute le 2001-01-01!
==================================================================
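
Added example, not part of the original post: one way to triage the symptom described above is to walk the mbox spool and report, for each message, how many Received headers it carries, so mail that reached the spool with no recorded hop stands out. The spool contents, addresses and function names below are constructed for illustration.

```python
import mailbox
import os
import tempfile

# Constructed sample spool (not from the post): one relayed message and one
# with no Received headers, like the message described above.
SAMPLE_MBOX = """\
From alice@example.org Wed Jan 26 16:40:00 2000
Received: from mx.example.org (mx.example.org [192.0.2.10])
\tby pop.example.net with ESMTP; Wed, 26 Jan 2000 16:39:58 -0500
Message-ID: <constructed-1@example.org>
Subject: relayed normally

body

From foo@bar Wed Jan 26 16:50:04 2000
Message-ID: <constructed-2@example.invalid>
Subject: no trace headers

body
"""

def audit_spool(path):
    """Return one record per message in an mbox spool, flagging zero-hop mail."""
    box = mailbox.mbox(path, create=False)
    report = []
    for msg in box:
        hops = msg.get_all("Received") or []
        report.append({
            "envelope_from": msg.get_from(),      # mbox "From " line
            "message_id": msg.get("Message-ID", ""),
            "hops": len(hops),
            # The newest hop is the first Received header; unfold it.
            "last_hop": " ".join(hops[0].split()) if hops else None,
            "no_trace": not hops,
        })
    box.close()
    return report

def audit_sample():
    with tempfile.NamedTemporaryFile("w", suffix=".mbox", delete=False) as fh:
        fh.write(SAMPLE_MBOX)
    try:
        return audit_spool(fh.name)
    finally:
        os.unlink(fh.name)

if __name__ == "__main__":
    for row in audit_sample():
        print(row)
```

Run audit_spool() against a copy of /var/spool/mail/$USER rather than the live file, so a delivery in progress is not read mid-write.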

