[clue-tech] HELP!! Someone has hijacked my mailserver for spam

Mike lister-clue at gantsfort.com
Wed Feb 23 21:02:50 MST 2005


(Sorry if this is a dupe; I used the wrong email on the first mailing.)

I recently switched to postfix from qmail (I know, don't fix it if it's
not broken) and today I have hundreds of undeliverable emails in my
inbox that were sent from my account. It looks to me like someone
has spoofed my email address. All the emails are from me but there are no
corresponding log messages for any of the emails.

Here is my postfix configuration using postconf -n:
$ postconf -n
alias_maps = mysql:/etc/postfix/mysql-aliases.cf
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 2
fallback_transport = virtual
home_mailbox = .maildir/
html_directory = no
inet_interfaces = all
local_destination_concurrency_limit = 2
local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname
local_transport = local
mail_owner = postfix
mailbox_command = /usr/bin/procmail
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, $mydomain
mydomain = gantsfort.com
myhostname = mail.gantsfort.com
mynetworks = 192.168.0.0/24, 127.0.0.0/8
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.1.5-r1/readme
relayhost = smtp.comcast.net
relocated_maps = mysql:/etc/postfix/mysql-relocated.cf
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_loglevel = 5
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
virtual_gid_maps = static:100
virtual_mailbox_base = /
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf
virtual_minimum_uid = 1000
virtual_transport = virtual
virtual_uid_maps = static:1002

What setting am I missing? Is there anything I can do about this? I can
post the headers of a message later if that will help.

TIA,
Mike
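
An added example, not part of Mike's message: a Python check over `postconf -n` output for the settings that decide whether smtpd will relay for strangers. The function names are hypothetical, and the default used for an unset smtpd_recipient_restrictions is assumed to be the Postfix 2.1 one.

```python
import ipaddress
import re

# Relay-relevant lines from the postconf -n output in the post; one wrapped
# continuation line is included to exercise the parser.
SAMPLE = """\
mynetworks = 192.168.0.0/24, 127.0.0.0/8
smtpd_recipient_restrictions = permit_sasl_authenticated,
permit_mynetworks,      reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
"""
# Assumption: Postfix 2.1 default, used when postconf -n omits the parameter.
DEFAULT_RCPT = "permit_mynetworks, reject_unauth_destination"

def parse_postconf(text):
    """Parse 'name = value' lines; a line without 'name =' continues the previous value."""
    cfg, last = {}, None
    for line in text.splitlines():
        m = re.match(r"^([A-Za-z0-9_]+) =\s*(.*)$", line)
        if m:
            last = m.group(1)
            cfg[last] = m.group(2).strip()
        elif last and line.strip():
            cfg[last] = (cfg[last] + " " + line.strip()).strip()
    return cfg

def relay_findings(cfg):
    """Return reasons this smtpd might relay for strangers (empty list = none found)."""
    findings = []
    rules = re.findall(r"[^,\s]+", cfg.get("smtpd_recipient_restrictions", DEFAULT_RCPT))
    if "reject_unauth_destination" not in rules:
        findings.append("no reject_unauth_destination in smtpd_recipient_restrictions")
    elif "permit" in rules[: rules.index("reject_unauth_destination")]:
        findings.append("bare 'permit' precedes reject_unauth_destination")
    for net in re.findall(r"[^,\s]+", cfg.get("mynetworks", "")):
        try:
            n = ipaddress.ip_network(net, strict=False)
        except ValueError:
            findings.append(f"mynetworks entry is not a CIDR, check by hand: {net}")
            continue
        if n.prefixlen == 0 or not n.is_private:
            findings.append(f"mynetworks trusts a public range: {net}")
    if ("permit_sasl_authenticated" in rules and cfg.get("smtpd_sasl_auth_enable") == "yes"
            and cfg.get("smtpd_tls_auth_only") != "yes"):
        findings.append("SASL logins may relay and smtpd_tls_auth_only is not 'yes'")
    return findings

if __name__ == "__main__":
    print(relay_findings(parse_postconf(SAMPLE)))
```

An empty list only means none of these checks fired; it says nothing about mail that never passed through the server.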



