My FC3 machine appears to be compromised, please help

Bob Brennan rbrennan96 at gmail.com
Thu Apr 6 13:53:59 UTC 2006


On 4/6/06, Mike Klinke <lsomike at futzin.com> wrote:
> On Thursday 06 April 2006 06:14, Bob Brennan wrote:
>
> >
> > This is using php4 but somewhere Sendmail is changing the @domain
> > in both the From and To fields(?). The delivery to Sendmail is
> > through the php command
> > mail($to, $subject, $msg, $headers);
> >
> > Both problems started happening at the same time - somehow,
> > somewhere, Sendmail thinks my machine domain is
> > "wc.funnel.revenuedirect.com.akadns.net" it seems? I have
> > searched sendmail.cf and sendmail.mc and neither contain that
> > name or have been modified.
>
>
> What does sendmail think about your system identity?
>
> "echo \$Z | /usr/sbin/sendmail -bt -d0"
>
> Regards, Mike Klinke

[root at mi-server ~]# echo \$Z | /usr/sbin/sendmail -bt -d0
Version 8.13.1
 Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG MAP_REGEX
                MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6
                NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF STARTTLS TCPWRAPPERS
                USERDB USE_LDAP_INIT

============ SYSTEM IDENTITY (after readcf) ============
      (short domain name) $w = mi-server
  (canonical domain name) $j = mi-server.net
         (subdomain name) $m = net
              (node name) $k = mi-server.net
========================================================

ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
> 8.13.1
> [root at mi-server ~]#




More information about the fedora-list mailing list