My Postfix has gone wild, is it compromised?

Solution 1:

You have an open relay. Change the mynetworks variable to mynetworks = 127.0.0.1. Reset all passwords (just to make sure).

After that, do an SMTP check for your server at http://mxtoolbox.com and see whether it is still an open relay.

By the way, reduce logging to the standard value. Another tip: paste the logs directly into this question next time, and rewrite your question in plain, readable(!) English. And accept answers to your former questions.

Edit

The logging can be reset to the default by (re)setting

debug_peer_level = 2
debug_peer_list =

(yes, the last line ends with the equal sign)

Edit 2

I forgot to mention the settings in master.cf, where there may be lines ending with smtpd -v or even more than one -v. Remove the -vs.
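
A check for the settings named in this answer, added here as an example and not part of the original answer. It covers only mynetworks, the two debug_peer parameters and smtpd -v in master.cf; the function names and the sample configuration are constructed for illustration.

```python
import ipaddress
import re

def logical_lines(text):
    """Drop comments/blank lines and join continuation lines (leading whitespace)."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out

def audit(main_cf, master_cf):
    """Return findings for the settings named in the answer above."""
    findings, params = [], {}
    for line in logical_lines(main_cf):
        key, sep, value = line.partition("=")
        if sep:
            params[key.strip()] = value.strip()
    if "mynetworks" not in params:
        findings.append("mynetworks is not set explicitly; mynetworks_style decides who is trusted")
    for entry in re.split(r"[,\s]+", params.get("mynetworks", "")):
        if not entry:
            continue
        try:  # Postfix writes IPv6 as [::1]/128, so drop the brackets first
            net = ipaddress.ip_network(entry.replace("[", "").replace("]", ""), strict=False)
        except ValueError:  # table lookups, exclusions and the like
            findings.append(f"mynetworks: review '{entry}' by hand")
            continue
        if not net.is_loopback:
            findings.append(f"mynetworks: {net} ({net.num_addresses} addresses) is trusted to relay")
    if params.get("debug_peer_list"):
        findings.append("debug_peer_list is not empty")
    if params.get("debug_peer_level", "2") != "2":
        findings.append("debug_peer_level is not the default 2")
    for line in logical_lines(master_cf):
        fields = line.split()
        if fields[7:8] == ["smtpd"] and any(f.startswith("-v") for f in fields[8:]):
            findings.append(f"master.cf: service '{fields[0]}' runs smtpd with -v")
    return findings

# Constructed sample input, not taken from the question.
SAMPLE_MAIN_CF = "mynetworks = 127.0.0.0/8, 0.0.0.0/0\ndebug_peer_level = 3\ndebug_peer_list = example.com\n"
SAMPLE_MASTER_CF = "smtp inet n - n - - smtpd -v -v\npickup unix n - n 60 1 pickup\n"

if __name__ == "__main__":
    for finding in audit(SAMPLE_MAIN_CF, SAMPLE_MASTER_CF):
        print(finding)
```

Pass it the contents of main.cf and master.cf; an empty result means none of the listed settings stand out, not that the server has been shown to refuse relaying.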

Solution 2:

Looking at the log and postmaster email, it seems like you're running an open relay - this is problem #1 that needs to be fixed. Not being a Postfix guru, I can only point you at the Postfix relaying and access control documentation.

Problem #2 is that you're out of disk space on whatever drive is queueing your mail -- You can probably fix this by dumping your postfix queue. (That I know how to do -- run the command postsuper -d ALL as root).


You must fix the open relay problem -- Open relays are bad for you and for the environment internet. If your server remains an open relay for any length of time you will be listed on a multitude of spam blocklists. Check your blacklist status on mxtoolbox or a similar site once you fix the problems above and take the necessary steps to clean up any mess that may have been made.