Koozali.org: home of the SME Server

Outbound email flooding

bruce
Outbound email flooding
« on: December 22, 2006, 04:29:24 PM »
About a year ago my SME 6.x server was hacked, and I had to reinstall everything. When I installed 7.0 (about 6 months ago) it looked like everything was working great. Today, I have the same problem. Horrific outbound email to hundreds of unknown addresses, eating up all outbound bandwidth.

I'm not a major unix/linux guy, and have no idea where to begin researching this issue. All the traffic is queued up on the server, none is from any of the known users, and everyone is detached.

CharlieBrady
Re: Outbound email flooding
« Reply #1 on: December 22, 2006, 05:14:39 PM »
Quote from: "bruce"

I'm not a major unix/linux guy, and have no idea where to begin researching this issue.


I'd advise you to hire someone who does have that competence to help you out.

If you have not installed any web applications (blogs, CMS, web forms, etc), then you should contact security@contribs.org so that they can investigate the compromise which you think has occurred. If you have installed a web application, an insecurity in it is likely the cause of your problem.

bruce
May have found
« Reply #2 on: December 22, 2006, 05:51:03 PM »
Charlie,

Long time to email. I am using a CMS Portal (Mambo) for my site. I checked out their forum while waiting for your reply and did find that there is a phpmailer problem that is part of PHP, not Mambo specifically. The solution exists at http://forum.mamboserver.com/showthread.php?t=67706&highlight=email+exploit.

Best to you this holiday season!

Bruce