Date:  Mon, 29 Jun 2009 16:01:28 -0800
From:  Jim Dory <jdory (at mark) nomealaska.org>
Subject:  [coba-e:15753] Re: spam problem w/ email - hope not serious
To:  coba-e (at mark) bluequartz.org
Message-Id:  <4A4955D8.5020501 (at mark) nomealaska.org>
In-Reply-To:  <200906300129.52771.bq (at mark) solarspeed.net>
References:  <4A494565.3040805 (at mark) nomealaska.org> <200906300129.52771.bq (at mark) solarspeed.net>
X-Mail-Count: 15753

Michael Stauber wrote:
> Hi Jim,
>
>   
>> I just started getting this error returned as a Returned mail from our
>> server's "Mail_delivery_subsystem" <MAILER-DAEMON (at mark) srv1.nomecity.org> and I
>> don't know about one of our users jenns (at mark) nomealaska.org with
>> jenns@localhost being used like it is, plus the line "jenns set sender
>> to <jdory (at mark) nomealaska.org> using -f " which I see a lot in our maillog
>> also with other email addresses set sender to from same user.
>>     
>
> Most likely a PHP script owned by user "jenns" is sending those emails.
>
> To find out which files that may be you can use several methods:
>
> Find all files in /home/.sites/ owned by user "jenns":
>
> 	find /home/.sites/ -user jenns
>
> Go to the home directory of that user and then check what site that is: 
>
> 	cd ~jenns && pwd | cut -d / -f5
>
> That will report back something like "site2". To then find out the site's FQDN 
> do this:
>
> 	ls -la /home/sites/ | grep site2
>
>   
Many thanks for the reply, Michael,

It is the nomealaska.org server. Not sure what files it can be - maybe 
openwebmail? - (I'll drill down into a couple directories) - and here 
are the files:

[root (at mark) srv1 ~]# find /home/.sites/ -user jenns
/home/.sites/106/site3/users/jenns
/home/.sites/106/site3/.users/127/jenns
/home/.sites/106/site3/.users/127/jenns/.bash_logout
/home/.sites/106/site3/.users/127/jenns/.bash_profile
/home/.sites/106/site3/.users/127/jenns/Private
/home/.sites/106/site3/.users/127/jenns/mail
/home/.sites/106/site3/.users/127/jenns/mail/mail-trash
/home/.sites/106/site3/.users/127/jenns/mail/.imap
/home/.sites/106/site3/.users/127/jenns/mail/.imap/INBOX
/home/.sites/106/site3/.users/127/jenns/mail/.imap/INBOX/dovecot.index.log
/home/.sites/106/site3/.users/127/jenns/mail/.imap/INBOX/dovecot.index.cache
/home/.sites/106/site3/.users/127/jenns/mail/.imap/INBOX/dovecot.index
/home/.sites/106/site3/.users/127/jenns/mail/virus-mail
/home/.sites/106/site3/.users/127/jenns/mail/spam-mail
/home/.sites/106/site3/.users/127/jenns/mail/saved-drafts
/home/.sites/106/site3/.users/127/jenns/mail/saved-messages
/home/.sites/106/site3/.users/127/jenns/mail/sent-mail
/home/.sites/106/site3/.users/127/jenns/Network Trash Folder
/home/.sites/106/site3/.users/127/jenns/.vacation
/home/.sites/106/site3/.users/127/jenns/.vacation.msg
/home/.sites/106/site3/.users/127/jenns/.openwebmail
/home/.sites/106/site3/.users/127/jenns/.openwebmail/webdisk
/home/.sites/106/site3/.users/127/jenns/.openwebmail/webcal
/home/.sites/106/site3/.users/127/jenns/.openwebmail/openwebmailrc
/home/.sites/106/site3/.users/127/jenns/.openwebmail/pop3
/home/.sites/106/site3/.users/127/jenns/.openwebmail/pop3/pop3.check
/home/.sites/106/site3/.users/127/jenns/.openwebmail/webaddr
/home/.sites/106/site3/.users/127/jenns/.openwebmail/webaddr/.address.book.old
/home/.sites/106/site3/.users/127/jenns/.openwebmail/webaddr/Converted
/home/.sites/106/site3/.users/127/jenns/.openwebmail/release.date
/home/.sites/106/site3/.users/127/jenns/.openwebmail/webmail
/home/.sites/106/site3/.users/127/jenns/.openwebmail/webmail/address.book
/home/.sites/106/site3/.users/127/jenns/.openwebmail/webmail/filter.ruledb.db
/home/.sites/106/site3/.users/127/jenns/.openwebmail/webmail/filter.check
/home/.sites/106/site3/.users/127/jenns/.openwebmail/webmail/signature
/home/.sites/106/site3/.users/127/jenns/.openwebmail/webmail/trash.check
/home/.sites/106/site3/.users/127/jenns/.openwebmail/webmail/filter.folderdb.db
/home/.sites/106/site3/.users/127/jenns/.openwebmail/webmail/from.book
/home/.sites/106/site3/.users/127/jenns/.openwebmail/webmail/search.cache
/home/.sites/106/site3/.users/127/jenns/.openwebmail/webmail/filter.pid
/home/.sites/106/site3/.users/127/jenns/.openwebmail/db
/home/.sites/106/site3/.users/127/jenns/.openwebmail/db/mail-trash.db
/home/.sites/106/site3/.users/127/jenns/.openwebmail/db/saved-messages.cache
/home/.sites/106/site3/.users/127/jenns/.openwebmail/db/sent-mail.cache
/home/.sites/106/site3/.users/127/jenns/.openwebmail/db/saved-drafts.cache
/home/.sites/106/site3/.users/127/jenns/.openwebmail/db/sent-mail.db
/home/.sites/106/site3/.users/127/jenns/.openwebmail/db/jenns.cache
/home/.sites/106/site3/.users/127/jenns/.openwebmail/db/saved-messages.db
/home/.sites/106/site3/.users/127/jenns/.openwebmail/db/spam-mail.db
/home/.sites/106/site3/.users/127/jenns/.openwebmail/db/virus-mail.db
/home/.sites/106/site3/.users/127/jenns/.openwebmail/db/mail-trash.cache
/home/.sites/106/site3/.users/127/jenns/.openwebmail/db/saved-drafts.db
/home/.sites/106/site3/.users/127/jenns/.openwebmail/db/jenns.db
/home/.sites/106/site3/.users/127/jenns/.openwebmail/history.log
/home/.sites/106/site3/.users/127/jenns/web
/home/.sites/106/site3/.users/127/jenns/web/index.html
/home/.sites/106/site3/.users/127/jenns/.forward
/home/.sites/106/site3/.users/127/jenns/.vacation_msg
/home/.sites/106/site3/.users/127/jenns/.bashrc
/home/.sites/106/site3/.users/127/jenns/mbox
/home/.sites/106/site3/.users/127/jenns/.spamassassin
/home/.sites/106/site3/.users/127/jenns/.spamassassin/bayes_seen
/home/.sites/106/site3/.users/127/jenns/.spamassassin/bayes_toks
/home/.sites/106/site3/.users/127/jenns/.spamassassin/user_prefs
/home/.sites/106/site3/.users/127/jenns/.spamassassin/auto-whitelist
/home/.sites/106/site3/.users/127/jenns/.spamassassin/bayes_journal

-- 
Jim Dory
Engineering
City of Nome
PO Box 281
102 Division St.
Nome, AK 99762
907.443.6604

http://www.nomealaska.org
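
An added example, not part of the original messages: a shell sketch that tallies the "set sender to ... using -f" warnings discussed above per local user, and narrows a `find -user` listing to files that could invoke sendmail. The log lines are constructed in sendmail's Authentication-Warning format with placeholder hosts and addresses, and the function names `sender_overrides` and `script_candidates` are hypothetical.

```shell
#!/bin/sh
# Constructed sample maillog lines (placeholder host and addresses, not real data).
sample_maillog() {
cat <<'EOF'
Jun 29 15:40:01 srv1 sendmail[4101]: n5TNe1aa004101: Authentication-Warning: mail.example.org: jenns set sender to <user1@example.org> using -f
Jun 29 15:40:07 srv1 sendmail[4102]: n5TNe7ab004102: Authentication-Warning: mail.example.org: jenns set sender to <user1@example.org> using -f
Jun 29 15:41:12 srv1 sendmail[4110]: n5TNfCac004110: Authentication-Warning: mail.example.org: jenns set sender to info@example.org using -f
Jun 29 15:42:30 srv1 sendmail[4120]: n5TNgUad004120: from=<alice@example.org>, size=1021, class=0, nrcpts=1, relay=localhost [127.0.0.1]
Jun 29 15:43:02 srv1 sendmail[4131]: n5TNh2ae004131: Authentication-Warning: mail.example.org: apache set sender to webmaster@example.org using -f
EOF
}

# Reads maillog text on stdin; prints "count user sender", busiest pair first.
sender_overrides() {
    awk '
        / set sender to / && / using -f/ {
            for (i = 2; i <= NF - 3; i++)
                if ($i == "set" && $(i+1) == "sender" && $(i+2) == "to") {
                    user = $(i-1)              # local account that ran sendmail -f
                    sender = $(i+3)            # envelope sender it asked for
                    gsub(/[<>]/, "", sender)   # logs show it with or without <>
                    n[user " " sender]++
                }
        }
        END { for (k in n) print n[k], k }
    ' | sort -k1,1nr -k2
}

# Reads path names on stdin (for example the output of find -user) and keeps
# only files whose extension suggests a script that can call sendmail.
script_candidates() {
    grep -E '\.(php[0-9]?|phtml|cgi|pl|py|sh)$'
}

sample_maillog | sender_overrides
```

On a live server the same functions would be fed the real maillog and the real `find /home/.sites/ -user ...` output; an empty result from `script_candidates` means the user's own files hold no obvious script.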