wget, apache and spam

To: "debian-user@lists.debian.org" <debian-user@lists.debian.org>
Subject: wget, apache and spam
From: sethurf <sethurf@free.fr>
Date: Mon, 12 Apr 2010 21:12:35 +0200
Message-id: <[🔎] 4BC370A3.4010907@free.fr>

Hi,

Since a few months, I try to find a solution for my problem.

Indeed, files are put into /tmp/ (like dc.txt, email.txt, enviar.txt,
etc.) with the www-data (=apache) user.

In these files, there are perl scripts and mails (so much mails !!).
Perls scripts are running and send spam, so, my mail server is used to
send spams via the apache mail function.

The server was reinstalled 2 months agos, but this didn't fix the
problem. In apache's error.log file :

--2010-04-12 04:32:07-- 
http://202.30.29.220/~sungjun/.../www.finasa.com.br/email/email.txt
Connecting to 202.30.29.220:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 22 [text/plain]
Saving to: `email.txt'

     0K                                                       100% 1.73M=0s


A lot of lines like these ones, the "wget" function seems to be used...
There is nothing else in logs (/var/log). I don't know how files are put
(from where ?) in /tmp/, no rootkit seems existing.

Would you have any solution for me ? I don't know what to do... Maybe
there is a big big bug/fault in a hosted file for a hosted website.

Thanks a lot !

Reply to:

Follow-Ups:
- Re: wget, apache and spam
  - From: Jon Dowland <jmtd@debian.org>

Prev by Date: Re: Google repositories
Next by Date: Re: Google repositories
Previous by thread: Re: Google repositories
Next by thread: Re: wget, apache and spam
Index(es):
- Date
- Thread