Subj : How to detect WORMS/VIRUS that send spam
To   : comp.os.linux.networking,comp.os.linux.misc,comp.os.linux,comp.os.linux.help
From : stevephils
Date : Tue Aug 03 2004 01:31 am

Hi Linux Techies,

My firm is using Linux Mandrake configuartion for our mail server and
the internal computers connect through LAN technologies like Ethernet
which used with DSL/Cablemodems and dialup connections. This mail
server act as the proxy or firewall for all sort of internet
activities(browsing,chating,file transfers,..).Internal computers are
mostly Windows and Linux based(maximum of 20 PCs altogether).
Currently we noticed that all of our staff members are receiving lot
of spam mails with some attachments(mostly with some *.pif extension)
in their official mail address. I notice that the spamming is
happening only the days our mail server is up(On holidays spam is not
happening). Unfortunately I'm the one who administering the
configuration and all other computer related activities.I'm not an
expert in networking or even in Linux OS internals though :-).

I'm digging deep to find any VIRUS/WORMS really reside in our LINUX
mailserver. How can I know any vulnerabilities in LINUX machine?
Also I like to know whether some outsider can use our LINUX SMTP
server to send the spam mail to happen spamming. Is anyway to check
this outside intrusion?

What are the common ways to find such vulnerabilities in LINUX
configuration?

Thanks!

.