Alex: > Hi, > I have a postfix-3.1.4 system with a few hundred people using the > submission service. One of the accounts was recently compromised, and > started sending mail as fake users in the same domain. How can I > prevent this?
See: http://www.postfix.org/postconf.5.html#smtpd_sender_login_maps And use one of: http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch http://www.postfix.org/postconf.5.html#reject_authenticated_sender_login_mismatch http://www.postfix.org/postconf.5.html#reject_unauthenticated_sender_login_mismatch http://www.postfix.org/postconf.5.html#reject_known_sender_login_mismatch Features like this multiply like rabbits. To rate-limit a compromised client, see http://www.postfwd.org. Wietse