Hello there and welcome to LQ. Hope you like it here.
Can anyone help to give some explanation about the output
Unlike monolithic MTA's like Sendmail, Postfix uses different named applications for different tasks. If you are unsure which application handles which task you should check out the explanation in the main Postfix site: the "Anatomy" part.
confirm whether my server was compromised or not.
Process names can be an indication of cracker activities if the name appears in the list and contains strings like backdoor, shell, startadore, etc, etc, but a process name can be changed. I say "appears in the list" because processes can be hidden. Processes' environment can be an indication as well. An application that was started as root account user but resides as (setuid root) binary in a directory for holding temporary files or has a current working (CWD) or root directory that looks "odd" can be an indication of cracker activity.
From this explanation you see your "ps" output is not complete, does not provide the necessary details and should not be taken as an authoritative means to safely confirm the machine was compromised or not. What to look for? If the machine is compromised you can expect to see one or more of the following (and more): reports from remote networks (scanning usually), changes in network traffic volume, network sources and destinations (.tw, .cn, .id, .kr, .hu, .br to name a few TLD's that could be an indication if you have no business with those), port ranges (outbound scanning, IRC, spam, DoSsing), inbound ports that are never used, strange behaviour of the host (accounts with an accessable shell, processnames, logfile anomalies, missing authentication records, missing files, setuid root binaries in temp dirs) etc, etc.
To check for symptoms please start by reading and following steps from the "Intruder Detection Checklist (CERT)":
http://www.cert.org/tech_tips/intrud...checklist.html and post any info you get. If you post info please make sure you post exact lines and not approximations. If unsure reboot the machine and perform the checks from a Live CD whose binaries are trustable. Next to that it may be beneficial to run your file integrity scanner (like Aide, Samhain or even tripwire: if installed) and Chkrootkit and/or Rookit Hunter to see if that trips on something.
Also how to control this situation.
If you mean "manage" Postfix in the most general way, then that should be a separate question in say the Software or Server forum.