Sendmail is still sending quite a bit of spam.
Then not all XSS where fixed?
Or are you running an open relay by any chance?
Does any logging show any clues?
I was told of an injection through anon. ftp sites to get past the mod_security setup. Then the hacked would execute a link on a particular site to trigger the injection passed through ftp. Is this ftp style injection possible?
Any more details on what you've been told? If PHP is not in safemode (fopen*) then protocol or location doesn't matter AFAIK.
If so, how can I find out if it is the case with my server? Also if there is anything I can setup agenst this style of injection on my server?
Check if you can apply all basic PHP security measures. Check developer/maintainer/community support for the PHP-based SW you run to see if new releases fix any XSS holes. If no support is given or no fixes are available or if it's homebrew you could use
http://www.owasp.org/index.php/Cross_Site_Scripting,
http://ha.ckers.org/xss.html and
http://phpsec.org/library/ as a starting point to audit the code yourself, or use something like
http://quickwired.com/kallahar/small...r_function.php and
http://forum.hardened-php.net/viewto...p?pid=291#p291.
http://www.acunetix.com/security-audit/ could also be helpful in determining XSS vulnerabilities.