Dear Friends,
This past weekend, my server was exploited to distribute illicit SPAM.
The mechanism for this exploitation seems to have been my "FormMail.pl"
script, which is used to process web-form output. There seems to be no
other intrusion (as far as I can tell).
The AMMRL mail server (and my local web services) were down most of the
day today, as I tried to evaluate exactly what had happened. For the
moment almost all AMMRL services seem to be working; however, the
web-form for applying to AMMRL is disabled.
If anyone knows exactly how this exploitation of "FormMail.pl" works,
and how I can stop it, I would appreciate any education about this.
Until I fix it, I can't support any form-based submissions that forward
output through my mail services.
I apologize for any inconvenience caused by the interruption of services
to the AMMRL community. My local users were even more inconvenienced
because my web-based instrument reservation system was disabled for most
of the day...can anybody say "CHAOS"?!!
Best regards,
-Rich Shoemaker
---
Richard K. Shoemaker, Ph.D.
NMR Facility Director
University of Colorado at Boulder
Phone: (303) 492-7062 Fax: (303) 492-5894
E-Mail: Richard.Shoemaker_at_Colorado.edu
Received on Mon Feb 11 2002 - 16:05:04 MST