Dear Patrixk, I express my gratitude to this list . I am grateful for the people in the list who contribute their gems. I am new to postfix (qmail migrant) , but with a lively list like this i am feeling home.
the postcat is very handy to print the headers and contents i am sure i should be able to nab the culprit next time he/she does the same. In the meantime i shall improve the password policy and do research on the valuable inputs got . Kind Regds mallah. On Mon, Apr 25, 2011 at 12:52 AM, Patrick Ben Koetter <p...@state-of-mind.de> wrote: > * mallah.raj...@gmail.com <mallah.raj...@gmail.com>: >> i am using policyd but it looks like it has no control once the initial >> connection is established , authenticated and pipelining is being used to >> pump spam . Is it really so?. > > At least version 1 of policyd can throtte SASL authenticated senders. I don't > know about v2. > >> Also can anyone pls guide if/how it is possible to know what account was >> compromised by seeing the files that lie in the deferred section of postfix >> queue? > > Use "postqueue -p" to identify a spam message in the deferred queue. > Use "postcat -q QUEUEID" to examine the message and verify it is spam. > grep for the QUEUEID in your logs. If you run a recent version of Postfix the > log will turn up the sasl_login name. Search for the sasl_login name in your > database to identify the account and disable it. > > p@rick > > -- > All technical questions asked privately will be automatically answered on the > list and archived for public access unless privacy is explicitely required and > justified. > > saslfinger (debugging SMTP AUTH): > <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/> >
