Jaap Westerbeek: > Supposing it IS a hacked SASL account, is there any way to stop that > rewriting process ? Or to know which account was being abused ? > Forcing all users to do a password change is not really an option with so > many accounts.
Postfix logs the SASL user name to the maillog file.
Wietse
