Question

Postfix seems to be hacked

Posted February 20, 2017 2.1k views
Configuration Management Ubuntu 16.04

Hello everyone,

I’m having an issue with postfix on my server. It seems someone has hijacked it and it sending emails from my server. I’m getting thousands of emails like this:

This is the mail system at host pdotmedia.com. 

I'm sorry to have to inform you that your message could not 
be delivered to one or more recipients. It's attached below. 

For further assistance, please send mail to postmaster. 

If you do so, please include this problem report. You can 
delete your own text from the attached returned message. 

The mail system 

<*********@yahoo.co.uk>: host mx-eu.mail.am0.yahoodns.net[188.125.69.79] 
said: 554 5.7.9 Message not accepted for policy reasons. See 
https://help.yahoo.com/kb/postmaster/SLN7253.html (in reply to end of DATA 
command)

Can someone please help me solve this, I’ve had to reset to shutting off postfix on the server.

Thank you

Add a comment
PrimalYeti
By:
PrimalYeti
edited by asb
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

1 answer
gc948486cbc56b8 February 22, 2017

http://dkimvalidator.com/

Make sure you have SPF and DKIM working. Probably DKIM is enough. Potentially you get a better spam score with more identification schemes working.

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help