FYI... I posted this also in the general forums... before I knew I could post here
VirtualMin Pro on Redhat Enterprise Linux 6
A few days ago it looks like I had a PHP form attack to send spam emails. I have since disabled the script and domain - so it looks like no worries there. Although I still see the bounces/delays/deferred responses in the queue... see below.
I am 98% sure that they did not get SSH in, as I use a key for access.
However... I am getting the error:
/usr/bin/postqueue -p failed : sh: /usr/bin/postqueue: No such file or directory
When I click on the "Mail Queue" under the Postfix server in Webmin - it also shows 0 emails in queue below the icon. However, when I run a "mailq" prompt there is mail in the queue.
Inbound emails hit the boxes fine, and we are able to POP/IMAP them out... but any email sent on the server, to local or outside domains, just sits in the queue. Or at least looks like it does.
I don't know how/why/if they were able to change this. Any help/directions would be appreciated.
I found this in my logwatch
1 Mar 5 15:34:37 host postfix/smtpd: improper command pipelining after NOOP from unknown[18.104.22.168]