Gerardo Herzig wrote, at 12/11/2008 12:47 PM: > Victor Duchovni wrote: >> Change the password for the compromised account. Or do you offer free >> sign-up? > > Well, yes, that an option. But seems like a partial solution. About the > postfix configuration: There is anything i can do to avoid an account > @uklotto (or whatever is not my domain) send mail trough my server? Crap > i feel not :(
That's merely a symptom of your real problem: you have a compromised account, giving the spammer full access to your resource. As long as they can authenticate, they will find workarounds to any restrictions you put in place that still allow other authenticated users to send mail. For example, you really don't want them to start using your domain in a forged sender address. You must reset the password and/or delete the account. Do it sooner than later to avoid being blacklisted.
