Hi, Is there a way to lock down postfix to send only from emails from the local server. I can see several spam emails stuck in the mailqueue an example below:
From "Marilu Fabrice" cherlynaultm@galwayholidaylets.com To "tangelamartinson5538" tangelamartinson5538@ama-trade.de
with this being the bounce back in the queue:
I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system
I have run a rootkit scanner and clamav nothing comes up so i am strugling to find out where the problem lies. If I can lock down the POSTfix sending then this will help, Just to note the server doesn't need to be set up to receive email it only sends mail from a few wordpress sites from webforms (which have captchas)
It could be you are running an email open relay, you have enabled DNS recursive queries, CMS/theme/plugin are hacked, hacked server or account, wrong configuration for postfix, or all together.
- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.
hi, it could be as Diabolico - specially, I would change right a way passwords - for that account. I would be keen to think that password for that account was compromised due to as Diabolico mentioned or simply password was too easy to guess. I had that problem on my friends virtualmin. as soon as I changed password to 'normal' one (16 characters mixed with capitals and low letters and numbers) and deployed fail2ban all spam did gone away. good luck.
Configuring/troubleshooting Debian servers is always great fun