Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 15 Aug 2011 15:35:32 -0400
From:      alexus <alexus@gmail.com>
To:        Robert Bonomi <bonomi@mail.r-bonomi.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: looking for a spammer/virii/malware .... on my system
Message-ID:  <CAJxePNKg1wMXOR7cy-Hao%2BsHrXzpwMiyCs=Uu6mJMegYBXa%2Bkg@mail.gmail.com>
In-Reply-To: <201108151857.p7FIvqYe038073@mail.r-bonomi.com>
References:  <CAJxePNKiEmdimqgdtS-jYPOxExL6a489SR5JW2kCd25X6QFuHQ@mail.gmail.com> <201108151857.p7FIvqYe038073@mail.r-bonomi.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Robert Bonomi:

I didn't received anything from you other then part of my own email...

On Mon, Aug 15, 2011 at 2:57 PM, Robert Bonomi <bonomi@mail.r-bonomi.com> w=
rote:
>> From owner-freebsd-questions@freebsd.org =C2=A0Mon Aug 15 12:37:33 2011
>> Date: Mon, 15 Aug 2011 13:05:15 -0400
>> From: alexus <alexus@gmail.com>
>> To: freebsd-questions@freebsd.org
>> Subject: looking for a spammer/virii/malware .... on my system
>>
>> I received a SPAM complain from my ISP and we're trying to figure out
>> what/where the problem is...
>>
>> from headers:
>>
>> Received: from 64.237.55.83 by webmail.west.cox.net; Sun, 14 Aug 2011
>> 18:43:41 -0400
>>
>> 64.237.55.83 is an IP that resides on my box, obviously I'm not
>> sending out any spam intentionally, so maybe some of my users do and
>> not necessarily intentionally either could be a virus or malware or
>> whatever doesn't really matter, I just want to stop it.
>>
>> so just for now I did this
>>
>> su-3.2# ipfw add 666 deny ip from any to webmail.west.cox.net via any
>> 00666 deny ip from any to 68.6.19.1
>> su-3.2#
>>
>> what else can I do to find it on my system who's trying to connect to
>> remote webmail.west.cox.net ?
>>
>>
>> --
>> http://alexus.org/
>> _______________________________________________
>> freebsd-questions@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.=
org"
>>
>



--=20
http://alexus.org/

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJxePNKg1wMXOR7cy-Hao%2BsHrXzpwMiyCs=Uu6mJMegYBXa%2Bkg>