Postfix sends spam mail, and i cannot track down, where they come from. There was an infected CMS installation, which i repaired; the infection came with an existing Joomla a client brought from another hoster; so i fixed that, but i keep getting abuse mails, mainly from aol.com.
So , how can i track down, who sends this emails?
My postfix config:
non-default parameters
alias_maps hash:/etc/aliases
append_dot_mydomain no
biff no
broken_sasl_auth_clients yes
default_destination_concurrency_limit 5
default_destination_recipient_limit 5
home_mailbox Maildir/
mailbox_command /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit 0
mynetworks 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
readme_directory no
recipient_delimiter +
smtp_tls_session_cache_database btree:${data_directory}/smtp_scache
smtpd_banner $myhostname ESMTP $mail_name (Ubuntu)
smtpd_client_restrictions permit_mynetworks permit_inet_interfaces reject_unknown_reverse_client_hostname
smtpd_recipient_limit 5
smtpd_recipient_restrictions permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtpd_sasl_auth_enable yes
smtpd_sasl_authenticated_header yes
smtpd_sender_restrictions hash:/etc/postfix/access
smtpd_tls_cert_file /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database btree:${data_directory}/smtpd_scache
smtpd_use_tls yes
virtual_alias_maps hash:/etc/postfix/virtual
main.cf
parameters defined as per defaults
alias_database hash:/etc/aliases
config_directory /etc/postfix
inet_interfaces all
mydestination $myhostname, localhost.$mydomain, localhost
smtpd_sasl_security_options noanonymous
Best