httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jason Nunnelley <ja...@jasonn.com>
Subject Re: [users@httpd] Apache Sending Email?
Date Wed, 12 May 2010 02:18:48 GMT
 > I know. Have any ideas why the email address is apache@xxx.xxx? 
Apache exploit? Just trying to understand.

It's Apache. I'm guessing your web server runs as "apache" so that's why 
it's sending email as "apache." It doesn't mean Apache is compromised, 
but it may mean you have a publicly writable directory that has a 
script. The best thing for you to do is look at the email header and see 
what script generated the email. It may tell you. osCommerce, Wordpress, 
Drupal, etc. all have built in email scripts that sometimes get 
hijacked. Or, someone can upload a file if you have a world writable 
directory that also executes scripts.

You may want to configure all directories that are writeable so folks 
can upload files as no-exec directories in your Apache config.

Jason A. Nunnelley
+1 2562971652

http://www.google.com/profiles/imjasonn

[Member Tekany, LLC]


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message