It is not possible to say with the information given, so you are really the only one who can find the culprit.
First, I am not a 'buntu user, but it looks to me as if that is a VERY old version! If so, it is almost certain that there are multiple unpatched exploit vectors, so whatever the immediate cause, the fix must involve an update (aka reinstall) to a current OS version.
Also, is this a VPS, a hosted server or your own hardware and router?
Next, if Postfix is not well configured it may be serving as an open relay - so that is a good first place to start. Use your favorite search engine and learn what "open relay" means and how to test and configure for that.
Webmin, known to have many exploits in recent years as I recall, what version and is it fully patched?
Firewall? How is that configured?
Are you running any web sites from that machine? Are you running any WordPress instances? What version?
How many people have access to the machine, and what type of access? Have you checked the logs?
+1 for killing Postfix, but you still need to verify whether that stopped the spam traffic, and you need to keep that system off the internet until it is fully fixed and configured, otherwise the spammer will still have access and you will never, ever, get it fixed as along as they have such access.
|