Hi all I discovered today a strange behavior on one of my servers. Several IPs were able to connect to PostFix and send emails using SASL authentication. I thought first the account used has been compromised so I changed password using ISPConfig but connections spammers could still connect and send emails. So I deleted the account and messages continued to send through. Mail log is full of postfix/smtpd[21107]: 33BC02A4F1: client=host-92-27-169-145.static.as13285.net[92.27.169.145], sasl_method=LOGIN, [email protected] where XXX@ is a non existent email (I checked in database). At this moment, the only way to stop sending have been to disable LOGIN method for SASL. Any idea haw such a thing can happen ? I googled my problem but found no solution… Thanks for your help Fredol
I got the same error 3 month ago… The solution was to reconfigure the service with ispconfig… From then everything work fine ;-)
