looking for a spammer/virii/malware .... on my system

alexus alexus at gmail.com
Mon Aug 15 17:35:41 UTC 2011

I received a SPAM complaint from my ISP and we're trying to figure out
what/where the problem is...

From the headers:

Received: from by webmail.west.cox.net; Sun, 14 Aug 2011 18:43:41 -0400

is an IP that resides on my box. Obviously I'm not sending out any spam
intentionally, so maybe some of my users do, and not necessarily
intentionally either; it could be a virus or malware or whatever, it
doesn't really matter, I just want to stop it.

So just for now I did this:

su-3.2# ipfw add 666 deny ip from any to webmail.west.cox.net via any
00666 deny ip from any to

What else can I do to find who on my system is trying to connect to
remote webmail.west.cox.net?


