View Single Post
  #4  
Old 17th January 2008, 09:51
Hans Hans is offline
Moderator
 
Join Date: Dec 2005
Location: Montfoort, The Netherlands
Posts: 2,256
Thanks: 212
Thanked 648 Times in 294 Posts
Send a message via Skype™ to Hans
Default

Another tip:
Verify your mail.log files and try to find out via which user sends the spam.

Also go to http://www.mxtoolbox.com/blacklists.aspx and check if your server is not blacklisted in te mean time.
To check if you have an open relay, you can use the site http://www.abuse.net/relay.html
If you have a insecure contactform in one of your websites you will probably see that spam has been sent via a systemuser.
If you use a default ISPConfig server, this is the Apache user. On Debian this is www-data, but can be different on other Linux distributions.
If you use ISPConfig with suPHP enabled, insecure contact forms are more easy to locate, because in that case spam has been sent via the webadmin of that website and not via the apache user.
__________________
Hans

BB-Hosting | Quality Web Hosting since 2005

Last edited by Hans; 17th January 2008 at 10:11.
Reply With Quote