Ideas?
I run a webhosting provider, and someone seems to be using a cgi-script or php script to spam people. How would I go about figuring out what script is doing it?
Mar 29 15:12:44 divide0 sendmail[8679]: g2TKCiu08679: from=www, size=1980, class=0, nrcpts=17, msgid=<200203292012.g2TKCiu086
79@divide0.net>, relay=www@localhost
Mar 29 15:12:45 divide0 sendmail[18319]: g2TKCiu08679: to=jarulesgirl067@aol.com,deantonio@aol.c
aol.com,jarulesgirl11@aol.com,jarulesgir
aol.com,misskoojo@aol.com,ftn307@aol.com,l
ctladdr=www (67/67), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=511980, relay=mailin-02.mx.aol.com. [205.188.156.154]
, dsn=2.0.0, stat=Sent (OK)
Mar 29 15:12:44 divide0 sendmail[8679]: g2TKCiu08679: from=www, size=1980, class=0, nrcpts=17, msgid=<200203292012.g2TKCiu086
79@divide0.net>, relay=www@localhost
Mar 29 15:12:45 divide0 sendmail[18319]: g2TKCiu08679: to=jarulesgirl067@aol.com,deantonio@aol.c
aol.com,jarulesgirl11@aol.com,jarulesgir
aol.com,misskoojo@aol.com,ftn307@aol.com,l
ctladdr=www (67/67), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=511980, relay=mailin-02.mx.aol.com. [205.188.156.154]
, dsn=2.0.0, stat=Sent (OK)
