Facebook
TwitterDeltaFox2211
New Pleskian
Hello everyone,
Last night i found out that someone manipulated one of my domains.
They are now sending through a php script spam mails.
I tried the following things.
1.) I installed a sendmail-wrapper but that wasn't working don't know why, did everything what was in the plesk FAQ
2.) I was searching for the script in every directory
So now here comes the suspicious part.
I got mails from the mailer daemon and he said the UID and name of the script were 10003 and the script has the name utf.php
So i did the following.
I searched in passwd for the UID number 10003
And i discovered that there is no user with the UID 10003
Ok then i did the following i searched on the whole server with the command find -iname 'utf.php' but nothing returned.
So my question is how do i find the script and why is the mailer-daemon sending me this stuff and why is there no user with the id 10003 but the mailer-daemon says there is one.?
Hope someone can help me because i am now at the end of my possibilities..
My specs:.
Plesk 11.0
Ubuntu Server 10.04 LTS
Qmail
Last night i found out that someone manipulated one of my domains.
They are now sending through a php script spam mails.
I tried the following things.
1.) I installed a sendmail-wrapper but that wasn't working don't know why, did everything what was in the plesk FAQ
2.) I was searching for the script in every directory
So now here comes the suspicious part.
I got mails from the mailer daemon and he said the UID and name of the script were 10003 and the script has the name utf.php
So i did the following.
I searched in passwd for the UID number 10003
And i discovered that there is no user with the UID 10003
Ok then i did the following i searched on the whole server with the command find -iname 'utf.php' but nothing returned.
So my question is how do i find the script and why is the mailer-daemon sending me this stuff and why is there no user with the id 10003 but the mailer-daemon says there is one.?
Hope someone can help me because i am now at the end of my possibilities..
My specs:.
Plesk 11.0
Ubuntu Server 10.04 LTS
Qmail
