Postfix help needed

piradeep · 05-01-2012, 02:47 PM

Hi,

Need help in deleting mailq. I am logged in as root. But I am not able to execute postsuper -d ALL.

TB0ne · 05-01-2012, 02:59 PM

Quote:

Originally Posted by piradeep

Hi,

Need help in deleting mailq. I am logged in as root. But I am not able to execute postsuper -d ALL.

And if you told us what error(s) you were getting, what version/distro of Linux, or gave ANY details, we might be able to help.

piradeep · 05-01-2012, 03:18 PM

Thank you for your immediate response. Please find the below details.

CentOS release 5.4 (Final)/ kernal - 2.6.18-028stab091.2

I get "bash: postsuper: command not found"

TB0ne · 05-01-2012, 04:14 PM

Quote:

Originally Posted by piradeep

Thank you for your immediate response. Please find the below details.

CentOS release 5.4 (Final)/ kernal - 2.6.18-028stab091.2

I get "bash: postsuper: command not found"

Ok...that means the command isn't in your path. You can either type in "locate postsuper", or "find / -name postsuper" (as root), then type in the whole path name of the command, such as "/usr/sbin/postsuper -xxx"

piradeep · 05-01-2012, 04:39 PM

Thanks a lot. I am new to linux. And this is a learning for me. Thank you. That deleted 22435 hacked messages in mailq. I have another question. Not sure whether to ask in this post. here is is.

My server is hacked. And anonymous emails are sent. I researched a lot. As I am new I am not able to find out the exact problem. Here is bt line that I added in /etc/postfix/main.cf

piradeep · 05-01-2012, 04:41 PM

mynetworks = 1**.***.**.**/30, 1**.***.**.**/30, 192.168.1,*/24;
smtpd_client_restrictions = permit_mynetworks

An I also restarted postfix. I am not able to find out where I am wrong

piradeep · 05-01-2012, 04:45 PM

And mailq starts like this..

-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
4FF06A72D93 849 Tue May 1 21:43:01 root
root

551A7A731F8 849 Tue May 1 21:44:01 root
root

piradeep · 05-01-2012, 04:46 PM

Do I have to just change the root password??

TB0ne · 05-01-2012, 05:13 PM

Quote:

Originally Posted by piradeep

Do I have to just change the root password??

Your root password probably has NOTHING to do with your mail server being used by a spammer...maybe. Also, if your server has been compromised, changing your root password won't do much to fix it...there are probably many other avenues into your server, that have been put in place. And you should always open a new thread, for a new question.

That said, you need to be VERY sure that your server has been HACKED, versus having an unsecured mail relay server. The two are VERY different. If you're brand-new to Linux, and this is a company mail server, your best course of action would be to hire a consultant that specializes in Linux/mail servers. Securing a mail server is NOT a trivial task, and if you have been compromised, you need to sort it out NOW, not use it as a learning experience. There are many how-to guides you can find:

http://etutorials.org/Linux+systems/...+7.5.+Postfix/
http://www.postfix.org/docs.html

Again, if you aren't sure of what you're doing with Linux, this is a daunting task, which is why I suggest you hire a consultant. Have their work documented, and learn from what they are doing.

piradeep · 05-02-2012, 01:35 PM

Okay. Will follow that. Thanks a lot..