Question

Postfix seems to be hacked

Hello everyone,

I’m having an issue with postfix on my server. It seems someone has hijacked it and it sending emails from my server. I’m getting thousands of emails like this:

This is the mail system at host pdotmedia.com. 

I'm sorry to have to inform you that your message could not 
be delivered to one or more recipients. It's attached below. 

For further assistance, please send mail to postmaster. 

If you do so, please include this problem report. You can 
delete your own text from the attached returned message. 

The mail system 

<*********@yahoo.co.uk>: host mx-eu.mail.am0.yahoodns.net[188.125.69.79] 
said: 554 5.7.9 Message not accepted for policy reasons. See 
https://help.yahoo.com/kb/postmaster/SLN7253.html (in reply to end of DATA 
command) 

Can someone please help me solve this, I’ve had to reset to shutting off postfix on the server.

Thank you


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

http://dkimvalidator.com/

Make sure you have SPF and DKIM working. Probably DKIM is enough. Potentially you get a better spam score with more identification schemes working.