Someone has cracked my client, has placed a script which was a SMTP PERL server and began send spam. A question - how to block all SMTP connections for users, except exim?
Someone has cracked my client, has placed a script which was a SMTP PERL server and began send spam. A question - how to block all SMTP connections for users, except exim?
First of all delete this script and check if it made only spam.
Second point: check if website have vulnerability in it's code (you can try to disable execution of cgi-scripts only for this user or for all...)
Are you sure that you want to enable smtp connections only for user exim? Remember that most form mail use "php_mail" and meassages were sent from website's user.
