On Mon, 2006-05-22 at 23:11 -0400, CodeHeads wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Tue, 23 May 2006 00:14:32 +0000 replies-lists-redhat@xxxxxxxxxxxxxxxxxxxxx > wrote: > > i haven't been following this topic in great detail, but i suspect that > > you have a form on your site that is being exploited for "form spam". > > if you're not familiar with this, search google for "form spam". > > > > - Rick > > > Rick, > Thank you, No, I have not heard of this. I don't think that's what this is. Form spam takes advantage of poorly-coded mail/contact forms and uses them to send mail to recipients other than those intended by the form designer. What's happening here is that the spammer is running their own code (downloaded into /tmp) to send the mail, a rather more serious situation. Paul.