Michael Stauber wrote:
> Hi Jim,
>
>
>> I just started getting this error returned as a Returned mail from our
>> server's "Mail_delivery_subsytem<MAILER-DAEMON (at mark) srv1.nomecity.org> and I
>> don't know about one of our users jenns (at mark) nomealaska.org with
>> jenns@localhost being used like it is, plus the line "jenns set sender
>> to <jdory (at mark) nomealaska.org> using -f " which I see a lot in our maillog
>> also with other email addresses set sender to from same user.
>>
>
> Most likely a PHP script owned by user "jens" is sending those emails.
>
> To find out which files that may be you can use several methods:
>
> Find all filesin /home/.sites/ owned by user "jens":
>
> find /home/.sites/ -user jens
>
> Go to the home directory of that user and then check what site that is:
>
> cd ~jens | pwd | cut -d / -f5
>
> That will report back something like "site2". To then find out the site's FQDN
> do this:
>
> ls -la /home/sites/ | grep site2
>
>
This particular user is on vacation and has her webmail personal info
set to forward her email to a hotmail account. Otherwise I see nothing
unusual but I may be missing something.. /jd
--
Jim Dory
Engineering
City of Nome
PO Box 281
102 Division St.
Nome, AK 99762
907.443.6604
http://www.nomealaska.org
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.