On Tue, 2009-11-10 at 17:07 -0500, Chris Arnold wrote: > Hello list! We are being blacklisted every few days from verizon. This > is less important right now as I need to find out if/who is sending > spam from the email server or if the server is an open relay. I am > less inclined to think postfix (which is what we use) is an open > relay. More inclined to think someone has gotten an account is sending > spam out using the server. What is the best way to find out who/if an > account is sending spam from the server? > I am trying to gain access to the mail server as we speak but the > password I have been given is not working so I can not provide you > with the version of postfix or any logs at this moment.
Watch the abuse address and Enable feedback loops AOL, HOTMAIL etc provide feedback loops The spammer will surely be hitting some aol accounts. If someone at AOL marks mail as spam you get the abuse complaint. Thats the easiest way of tracing the compromised account. Thanks Ram
