Facebook
Twitter
M
marcus@
Guest
Sorry for cross posting, but I'm getting a little desperate.
My server is sending spam--apparently from any domain on the server whether or not the domain is enabled in plesk and from users that are not set up in plesk but only if httpd is running.
I can't find the problem. I've looked in my logs and I get this repeating from mod_security:
But neither of those paths are valid.
I can only stop it by shutting off qmail or httpd entirely.
I've ran chkrootkit and rkhunter and neither finds anything.
ps -fuapache returns a bunch of lines exactly like this:
apache 6327 4345 0 08:55 ? 00:00:00 /usr/sbin/fcgi- -k graceful
I've checked my /tmp dir and nothing looks suspicious in there.
I am at a loss.
My server is sending spam--apparently from any domain on the server whether or not the domain is enabled in plesk and from users that are not set up in plesk but only if httpd is running.
I can't find the problem. I've looked in my logs and I get this repeating from mod_security:
PHP:
Apache-Error: [file "/usr/src/build/584794-i386/BUILD/httpd-2.0.46/server/core.c"] [line 3452] [level 3] File does not exist: /home/httpd/vhosts/default/htdocs/blogI can only stop it by shutting off qmail or httpd entirely.
I've ran chkrootkit and rkhunter and neither finds anything.
ps -fuapache returns a bunch of lines exactly like this:
apache 6327 4345 0 08:55 ? 00:00:00 /usr/sbin/fcgi- -k graceful
I've checked my /tmp dir and nothing looks suspicious in there.
I am at a loss.
