On Thu, 2006-05-18 at 19:01 -0400, CodeHeads wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Thu, 18 May 2006 15:49:11 -0700 "Kayvan A. Sylvan" <kayvan@xxxxxxxxxx> wrote: > > > Set up a good firewall and install OSSEC-HIDS ( http://www.ossec.net ) > > on your machine. It has a great analysis engine and will catch > > intrusions into your system. > > > > Why are you following qmail installation instructions for sendmail? > > > > ---Kayvan > > LOL, I guess that I did not make it clear enough. As "noted" before. > > Machine 1 => The "Web Server" is running just "sendmail" > > Machine 2 => The "Email Server" is running "Qmail" with the instructions that > that site I mentioned. > > Is this clear enough?? LOL No. You still haven't said which one of the machines is sending out the spam. Did you reinstall the same web apps on the web server that you had before, i.e. could exactly the same exploit have been re-applied? Paul.