I got a surprise today when I found that I have an email in my inbox from firstname.lastname@example.org. The email had subject “Subject” and has content “Content”. My first instinct was that someone has hacked into my VPS. After a few minutes of mind-racking, I remembered that I had created a PHP file on the VPS named ‘mail.php’ to test whether emails were being sent. But, no one knew of it’s existence except me. Someone must’ve stumbled upon it my chance.
I logged into my VPS and checked the access logs.
[bash]cat animorphsfanforum.access.log | grep ‘mail.php'[/bash]
[code]126.96.36.199 – – [20/Jul/2010:05:32:40 +0000] "GET /mail.php HTTP/1.0" 200 0 "-" "ia_archiver (+http://www.alexa.com/site/help/webmasters; email@example.com)"[/code]
I have a Firefox plugin to check the Alexa rank, and the URL must’ve been sent to Alexa when I executed that script for the first time. The Alexa bot sent the email while crawling the URL.
Much ado about nothing?