hacked

#1, 04-01-2008, Séverin Richard

Hi,

My qmail box has been hacked:

Here is a message received in mymachine/maildir/new:

(I replaced the hacked domain with example.com, and my machine name with
12345.ovh.net)

What can I do?
__________________

Return-Path: <#@[]>
Delivered-To: postmaster@ns12345.ovh.net
Received: (qmail 1320 invoked for bounce); 1 Apr 2008 14:49:34 -0000
Date: 1 Apr 2008 14:49:34 -0000
From: MAILER-DAEMON@ns12345.ovh.net
To: postmaster@ns12345.ovh.net
Subject: failure notice

Hi. This is the qmail-send program at ns12345.ovh.net.
I tried to deliver a bounce message to this address, but the bounce bounced!

<LynnemoStover@scamvictimsunited.com>:
208.56.184.176 does not like recipient.
Remote host said: 550 5.1.1 <LynnemoStover@scamvictimsunited.com>...
User unknown.accessgen.rbl
Giving up on 208.56.184.176.

--- Below this line is the original bounce.

Return-Path: <>
Received: (qmail 24389 invoked for bounce); 1 Apr 2008 14:49:33 -0000
Date: 1 Apr 2008 14:49:33 -0000
From: MAILER-DAEMON@ns12345.ovh.net
To: LynnemoStover@scamvictimsunited.com
Subject: failure notice

Hi. This is the qmail-send program at ns12345.ovh.net.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<billing@example.com.com>:
Sorry, no mailbox here by that name. vpopmail (#5.1.1)

--- Below this line is a copy of the message.

Return-Path: <LynnemoStover@scamvictimsunited.com>
Received: (qmail 8048 invoked by uid 503); 1 Apr 2008 14:49:33 -0000
Received: from unknown (HELO utentec8eb0d7c.homenet.telecomitalia.it)
(87.21.107.156)
by ns12345.ovh.net with SMTP; 1 Apr 2008 14:49:33 -0000
Received: from
14598296591473434.13791265889132947.18121439213740 689.11265040305086994
(HELO localhost.localdomain)
(18210874851628879.17652827686384629.1849604631855 8586.19680412842270039)
by
18581045974696701.15311597126044208.18713306499362 675.15748104325906137
with SMTP; Tue, 1 Apr 2008 16:41:09 -0100
Date: Tue, 1 Apr 2008 16:41:09 -0100
Message-Id: <3IX302EJXVWDA638@scamvictimsunited.com>
X-Mailer: MIME::Lite 3.01 (F2.72; A1.62; B3.01; Q3.01)
X-Header-CompanyDBUserName: hpccm
X-Header-MasterId: 516062
X-Header-Versions: Hewlett-Packard.4t8bn1nd4.fk@us.newsgram.hp.com
X-FID: 55E79DBC-8973-29AF-B9E3-32CDEA52DCB3
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: <billing@example.com>
From: "Della Goode" <LynnemoStover@scamvictimsunited.com>
Subject: Wallstreet Insider

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.2963" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV align=left><FONT face=Arial size=2><U><I>We told you to watch DnC
Multimedia Corporation Today</I></U></FONT></DIV><BR>
<DIV align=left><FONT face=Arial size=2>Huge Volume Spike and Over 20%
gains on a ground breaking PR from the company reassured our beliefs in
the company</FONT></DIV>
<DIV align=left><FONT face=Arial size=2><B>Symbol:DCNM</B></FONT></DIV><BR>
<DIV align=left><FONT face=Arial size=2><U>Just released today
</U></FONT></DIV>
<DIV align=left><FONT face=Arial size=2>DnC Multimedia Announces
Distribution Agreement and $445,000 Purchase Order, read more about
it.</FONT></DIV><BR>
<DIV align=left><FONT face=Arial size=2>Grab this gem while its in cents
it wont last there long.</FONT></DIV><BR>
<DIV align=left><FONT face=Arial size=2><B><U>Ride the gains with DCNM
DnC Multimedia Corporation Today</U></B></FONT></DIV>
</BODY></HTML>

#2, 04-03-2008, Dave Sill

Séverin Richard <severin.richard@free.fr> writes:

> Hi,
>
> My qmail box has been hacked:
>
> Here is a message received in mymachine/maildir/new:
>
> (I replaced the hacked domain with example.com, and my machine name
> with 12345.ovh.net)
>
> What can I do?


Looks to me like typical spam blowback. What makes you think your box
has been hacked?

--
Dave Sill Oak Ridge National Lab, Workstation Support
Author, The qmail Handbook <http://web.infoave.net/~dsill>
<http://lifewithqmail.org/>: Almost everything you always wanted to know.
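
Added example, not part of either post and not qmail code: a way to check a "spam blowback" reading of a qmail double bounce like the one quoted above by splitting it into its three layers and looking at how the innermost message reached the host. The names `triage` and `first`, the result fields and the verdict rule are assumptions of this example, and the sample is constructed and abridged from the quoted message.

```python
import re

SEP_BOUNCE = "--- Below this line is the original bounce."
SEP_COPY = "--- Below this line is a copy of the message."
# Topmost SMTP hop in the original message: the Received line our own server wrote.
SMTP_HOP = re.compile(r"Received: from \S+ \(HELO [^)]*\)\s*\(([\d.]+)\)\s*by (\S+) with SMTP")
FAILED = re.compile(r"^<([^>]+)>:$", re.M)  # qmail's "<addr>:" failure line

# Constructed sample, abridged from the double bounce quoted in the thread.
SAMPLE = """Return-Path: <#@[]>

<LynnemoStover@scamvictimsunited.com>:
208.56.184.176 does not like recipient.

--- Below this line is the original bounce.

Return-Path: <>

<billing@example.com.com>:
Sorry, no mailbox here by that name. vpopmail (#5.1.1)

--- Below this line is a copy of the message.

Return-Path: <LynnemoStover@scamvictimsunited.com>
Received: (qmail 8048 invoked by uid 503); 1 Apr 2008 14:49:33 -0000
Received: from unknown (HELO utentec8eb0d7c.homenet.telecomitalia.it)
 (87.21.107.156)
 by ns12345.ovh.net with SMTP; 1 Apr 2008 14:49:33 -0000
Subject: Wallstreet Insider
"""

def first(pattern, text):
    m = pattern.search(text)
    return m.group(1) if m else None

def triage(text, local_host):
    """Heuristic: did the bounced message reach this host over SMTP, or start on it?"""
    outer, _, rest = text.partition(SEP_BOUNCE)
    bounce, _, original = rest.partition(SEP_COPY)
    hop = SMTP_HOP.search(original.strip().split("\n\n", 1)[0])  # headers only
    remote_ip = hop.group(1) if hop and hop.group(2) == local_host else None
    return {
        "double_bounce": outer.startswith("Return-Path: <#@[]>"),
        "unreachable_sender": first(FAILED, outer),
        "unknown_local_rcpt": first(FAILED, bounce),
        "remote_ip": remote_ip,
        # Inbound SMTP hop means blowback; no hop means injected on this host: investigate.
        "verdict": "blowback" if remote_ip else "local-injection",
    }
```

On the sample, `triage(SAMPLE, "ns12345.ovh.net")` reports an inbound hop from 87.21.107.156, an unknown local recipient and an unreachable envelope sender, which is the pattern of a host bouncing spam that was sent to it rather than sending spam itself.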