Corrected that in the conf file.
If I check the dovecot user, I see its been compromised also - a bunch
of crap in their login folder.
I didn't create the dovecot.conf with a /var/run/dotvecot though, so
someone else did that.
More updates as I check further.
On May 18, 2008, at 2:54 PM, Andraž 'ruskie' Levstik wrote:
ROFL...
This was a good way to start the day...
Correct your typo in the dovecot.conf file ;)
Here's a hint ;) See base_dir...
drwxr-xr-x 3 root root 4096 2008-05-18 13:30 dotvecot
dovecot.conf
cat /etc/dovecot/dovecot.conf base_dir = /var/run/dotvecot
-- Andraž "ruskie" Levstik Source Mage GNU/Linux Games grimoire guru Geek/Hacker/Tinker
Be sure brain is in gear before engaging mouth. Ryle hira.
Key id = F4C1F89C Key fingerprint = 6FF2 8F20 4C9D DB36 B5B6 F134 884D 72CC F4C1 F89C