Article 10347 at 07/07/10 17:07:04 From: bqlist (at mark) distortal.com Subject: [coba-e:10347] Re: Finding a Mail Script

Index: [Article Count Order] [Thread]

Date:  Tue, 10 Jul 2007 09:02:50 +0100
From:  D <bqlist (at mark) distortal.com>
Subject:  [coba-e:10347] Re: Finding a Mail Script
To:  coba-e (at mark) bluequartz.org
Message-Id:  <46933D2A.7020002 (at mark) distortal.com>
In-Reply-To:  <469328FE.2070005 (at mark) enavn.com>
References:  <4692406B.1050803 (at mark) distortal.com> <469328FE.2070005 (at mark) enavn.com>
X-Mail-Count: 10347

Jes Kasper Klittum wrote:
> I usually grep the access log for POST and php - that oftenly finds the 
> culprit.
> 
> cat /var/log/httpd/access_log | grep php | grep POST

This is (almost) what I did in the end and found one script being used 
more than I would have thought, given the content of the site.  I 
updated the PHP script and everything is much quieter this morning.

I'm going to give Hugh's grep suggestion a go as well in case there are 
others on the server that our friendly neighbourhood spammers haven't 
found yet.  Thanks to both of you for your suggestions.

Regards,

D