Question : is someone hacking my postfix email server?

I've been noticing (not very frequent but disturbing nevertheless) some weird emails on our postfix setup.

Background: this is a relay server that we have deployed to retrieve and archieve all sent and received emails from all accounts. Our ISP does the actual sending.

The strange part is that on the "Sent" folder, every now and then, I see an email that is most definetely a spam. Which means this email is sent either via our relay server or via the ISP's account.

This email account is used by many employees, but I can't be sure if it actually originates from us.

So my question is: how do I know which computer station is sending the email? (Can I get the IP from the header?)

Thank You

Answer : is someone hacking my postfix email server?

Hi,

I am not sure on how it came on your sent account folder.
Do you have pop access ? I mean is there any POP access enabled in the server.

Also one possibility is:

1. They use the From: company@mydomain.com and say To: company@mydomain.com BCC: abc@hotmail.com, 123@yahoo.com etc
Now, the message from yahoo will be bounced back to your server saying: 123 does not exist at yahoo. Then again, if company@mydomain.com is not configured in your server, your server will again send an email back to yahoo saying company@ does not exist. The email on your sent could be a backscatter http://en.wikipedia.org/wiki/Backscatter_(e-mail)

Check out this also: http://www.pcworld.com/businesscenter/article/145449/100_email_bouncebacks_youve_been_backscattered.html

Cheers,
Shashi

Random Solutions

Antenna Gain Cisco Aironet 1200

Vista: Connect using dial-up networking

Can't Answer Calls & No Caller ID in FreePBX

udp error detection

Available Networks

Setting up a Cisco Aironet 1200 as an access point.

Creating a DNS Record

Samba Cant join computers to the domain

Availble SIP Soft phones?

New IP Address Range