- A domain is sending spam emails even though Outgoing Mail Control is enabled and "Allow scripts and users to use Sendmail" is disabled
- Mail sent from scripts does not appear in the Postfix mail queue
Spam is sent directly to recipients via the SMTP protocol or via another mail server acting as an open relay.
Use a firewall to prevent scripts from sending mail to non-local servers via SMTP.
iptables rule with
owner match to pass SMTP traffic only from a
The following sample rule blocks outgoing SMTP traffic to non-local server IP addresses unless it comes from postfix.
# iptables -I OUTPUT -p tcp --dport 25 -m owner ! --gid-owner mail ! -d <your_server_ip_addresses> -j REJECT
Additional details can be found in the iptables manual or in an iptables tutorial.
Otherwise, to mitigate the risk, you should remove 127.0.0.1 from the whitelist and enforce SMTP authentication.
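A detection check to run alongside the firewall rule, as an added example that is not part of the original article: it reads connection lines in the format printed by `ss -H -tnpe` and lists sockets to remote port 25 that are not owned by the mail server's uid. The uid 89, the addresses, the function names and the sample lines are constructed assumptions to replace with your own values.

```shell
#!/bin/sh
# Added example: find outbound SMTP connections that bypass the local MTA.
# Live use (as root): ss -H -tnpe | smtp_offenders
MTA_UIDS="89"                      # assumption: uid of the MTA (constructed)
LOCAL_IPS="127.0.0.1 192.0.2.10"   # assumption: this server's own addresses

smtp_offenders() {
    awk -v uids="$MTA_UIDS" -v locals="$LOCAL_IPS" '
    BEGIN {
        n = split(uids, u, " ");   for (i = 1; i <= n; i++) ok_uid[u[i]] = 1
        n = split(locals, l, " "); for (i = 1; i <= n; i++) local_ip[l[i]] = 1
    }
    {
        peer = $5                                  # "Peer Address:Port" column
        port = peer; sub(/.*:/, "", port)
        ip = peer; sub(/:[^:]*$/, "", ip); gsub(/\[|\]/, "", ip)
        # Only remote SMTP is interesting; mail handed to the local MTA is fine.
        if (port != "25" || (ip in local_ip)) next
        uid = 0        # assumption: a line without a uid: field is treated as uid 0
        proc = "?"
        for (i = 6; i <= NF; i++) {
            if ($i ~ /^uid:/) uid = substr($i, 5)
            if ($i ~ /^users:/) {
                proc = $i
                sub(/^users:\(\("/, "", proc); sub(/".*/, "", proc)
            }
        }
        if (!(uid in ok_uid)) print uid, proc, peer
    }'
}

# Constructed sample input in ss -H -tnpe layout (not captured from a real host).
sample_ss_output() {
cat <<'EOF'
ESTAB 0 0 192.0.2.10:48112 198.51.100.7:25 users:(("smtp",pid=2101,fd=12)) uid:89 ino:51001 sk:1a
ESTAB 0 0 192.0.2.10:48200 203.0.113.44:25 users:(("php-cgi",pid=3313,fd=7)) uid:10004 ino:51077 sk:1b
ESTAB 0 0 127.0.0.1:40022 127.0.0.1:25 users:(("php-cgi",pid=3314,fd=7)) uid:10004 ino:51080 sk:1c
ESTAB 0 0 192.0.2.10:51500 203.0.113.9:443 users:(("curl",pid=3400,fd=5)) uid:10004 ino:51090 sk:1d
SYN-SENT 0 1 [2001:db8::10]:40100 [2001:db8::beef]:25 users:(("perl",pid=3500,fd=3)) uid:10007 ino:51100 sk:1e
EOF
}

# Prints one line per offending socket: uid, process name, peer address.
sample_ss_output | smtp_offenders
```

Each uid reported maps to the system user whose scripts are opening SMTP connections directly, which is the traffic the owner-match rule rejects.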