On Fri, 11 Mar 2005 08:17:00 -0700, Robin Laing <Robin.Laing@xxxxxxxxxxxxxxx> wrote: > Bob Brennan wrote: > >>If you followed the instructions I gave, they'd be in /var/spool/mqueue.spam > >> > > > > > > As soon as I got to the machine, with spam still obviously being sent > > out, I checked all users. There were only entries for me as root > > having logged on just a few moments earlier, nothing else. I won't > > rule that out of course but occam's razor points to my many attempts > > to get sendmail to relay my remote Evolution/Outlook clients. > > Apparently I *did* get relaying working - just not for me! I had > > carefully noted my changes to sendmail.mc (mentioned earlier) and the > > first thing I did was comment them out, rebuild and reboot. It was the > > reboot that flagged up the mysqld problem, and that might have > > happened over several weeks since I rarely reboot. > > > > I wonder if one of the Outlook clients was doing the spamming? Again > the headers and log files may give a hint but the headers were deleted. Robin- I never actually got any remote Outlook clients working, although Outlook on the LAN was ok. The spam text was Chinese pictures, graphics, and text - nothing I had ever seen before in my own Inbox as spam; so I am guessing it was a relay from a chinese machine to a chinese audience. I am not at my machine right now but plan to do some forensics on it asap. The MySql missing/corrupt file is /var/lib/mysql/mysql/host.frm which is part of the users/permissions database for mysql itself. Right next to that directory is the /Horde/ database which I have been installing/configuring in the last few days so I suspect that problem was unrelated to the spam incident. Thanks for the thoughts, bob