How to detect and prevent Postfix from dishing out spam email from a compromised mail account

We host email and websites for numerous customers on a dedicated server running CentOS and configured through Virtualmin.

Email is handled through Postfix.

Over the weekend we noticed that a client's email account had been compromised and the server had been used to basically pump out spam. As a result, our server was blacklisted, affecting every other account on the server. We believe that a desktop machine was infected with malware which allowed the spammers access to the SMTP login credentials to the account in question. From that point on it was open season.

My question is: is there any way to put anything in place to automatically detect spam-like activity of this nature?
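One way to flag this kind of abuse from the Postfix mail log, as an added example that is not part of the original post: it counts authenticated submissions and distinct client IPs per `sasl_username` in a sliding time window. The log lines are constructed, and the function name, thresholds and `year` parameter are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in the usual Postfix smtpd syslog format (not taken from the page).
_L = "Mar  3 02:{m:02d}:10 mail postfix/smtpd[2101]: {q}: client=unknown[{ip}], sasl_method=LOGIN, sasl_username={u}"
SAMPLE_LOG = "\n".join(
    [_L.format(m=i, q=f"4A1B2C{i:02X}", ip=f"203.0.113.{7 + i % 3}", u="victim@example.com") for i in range(6)]
    + [_L.format(m=40, q="5D6E7F01", ip="198.51.100.20", u="alice@example.com"),
       "Mar  3 02:41:00 mail postfix/smtpd[2101]: disconnect from unknown[198.51.100.20]"]
)

# smtpd writes one "QUEUEID: client=..., sasl_username=..." line per authenticated message.
SASL_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ postfix/(?:\w+/)?smtpd\[\d+\]: "
    r"\w+: client=\S*\[(?P<ip>[^\]]+)\], sasl_method=[^,]+, sasl_username=(?P<user>\S+)"
)

def find_suspect_accounts(log_text, window=timedelta(minutes=10), max_msgs=5, max_ips=2, year=2024):
    """Return {sasl_username: (peak_msgs, peak_ips)} for accounts over either limit."""
    events = defaultdict(list)  # sasl_username -> [(timestamp, client_ip)]
    for line in log_text.splitlines():
        m = SASL_RE.match(line)
        if m:  # classic syslog timestamps carry no year, so one is supplied
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            events[m["user"]].append((ts, m["ip"]))
    suspects = {}
    for user, evs in events.items():
        evs.sort()
        start = peak_msgs = peak_ips = 0
        for end, (ts, _) in enumerate(evs):
            while ts - evs[start][0] > window:  # slide the window start forward
                start += 1
            peak_msgs = max(peak_msgs, end - start + 1)
            peak_ips = max(peak_ips, len({ip for _, ip in evs[start:end + 1]}))
        if peak_msgs > max_msgs or peak_ips > max_ips:
            suspects[user] = (peak_msgs, peak_ips)
    return suspects

if __name__ == "__main__":
    for user, (msgs, ips) in find_suspect_accounts(SAMPLE_LOG).items():
        print(f"ALERT {user}: {msgs} authenticated submissions from {ips} client IPs within the window")
```

The thresholds have to be tuned against each account's normal sending pattern before the output is wired to an alert.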


