Sending spam - help to find source

Discussion:

Sending spam - help to find source

(too old to reply)

a***@gmail.com

2016-03-16 15:10:24 UTC

Hi,

i have a Debian LAMP server with Plesk.

I found many outgoing email, and in /var/log/mail.info found as source :

13:03:13 44251 postfix/pickup[22000]: 016078823428: uid=0 from=<root>

I already exclude PHP ( because i use directive mail.log = /mylog/maillog.log and i check that email is not starting from php).

I already change root password and check with some antirootkit tool that server is clean.

How I can obtain more detail about who is sending this email (es how to increment log detail of postfix)?

Thanks

d***@gmail.com

2016-03-17 17:56:57 UTC

Post by a***@gmail.com
Hi,
i have a Debian LAMP server with Plesk.
13:03:13 44251 postfix/pickup[22000]: 016078823428: uid=0 from=<root>
I already exclude PHP ( because i use directive mail.log = /mylog/maillog.log and i check that email is not starting from php).
I already change root password and check with some antirootkit tool that server is clean.
How I can obtain more detail about who is sending this email (es how to increment log detail of postfix)?
Thanks

Hi

It may be system related emails like cron.

Regards

Victor

1 Reply
1 View
Permalink to this page
Disable enhanced parsing

Thread Navigation

a***@gmail.com 2016-03-16 15:10:24 UTC

d***@gmail.com 2016-03-17 17:56:57 UTC

about - legalese

Loading...