I run Postfix as a mail server, and once upon a time one of the email accounts is "hacked" and spam bots can log in through that account and send spam.
permit_sasl_authenticated is the second rule of the recipient restrictions, so after SASL authentication the user is allowed to send mail everywhere.
Code:
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, ....
Is there some way to stop the bot from sending mail, or at least limit it, until I ask the mail owner to change his password?
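An added example, not part of the original post: Postfix 2.11 and later has a `check_sasl_access` restriction that can reject a single SASL login if it is listed before `permit_sasl_authenticated`. The script below finds the noisy login in smtpd log lines and prints the access table entry for it. The log sample, the thresholds, the reject text and the table path in the comments are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample of Postfix smtpd log lines (not taken from the post).
SAMPLE_LOG = """\
Mar  3 10:00:01 mx postfix/submission/smtpd[2101]: 4A1B2C3D40: client=host1.example.net[198.51.100.7], sasl_method=PLAIN, sasl_username=alice@example.com
Mar  3 10:00:02 mx postfix/smtpd[2102]: 4A1B2C3D41: client=unknown[203.0.113.5], sasl_method=LOGIN, sasl_username=bob@example.com
Mar  3 10:00:03 mx postfix/smtpd[2103]: 4A1B2C3D42: client=unknown[203.0.113.9], sasl_method=LOGIN, sasl_username=bob@example.com
Mar  3 10:00:04 mx postfix/smtpd[2104]: 4A1B2C3D43: client=unknown[192.0.2.44], sasl_method=LOGIN, sasl_username=bob@example.com
Mar  3 10:00:05 mx postfix/smtpd[2102]: 4A1B2C3D44: client=unknown[203.0.113.5], sasl_method=LOGIN, sasl_username=bob@example.com
Mar  3 10:00:06 mx postfix/smtpd[2105]: connect from unknown[192.0.2.99]
"""

# smtpd logs one "client=..., sasl_username=..." line per accepted message.
SASL_RE = re.compile(
    r"postfix/(?:\w+/)?smtpd\[\d+\]: (?P<qid>[0-9A-Za-z]+): "
    r"client=\S*\[(?P<ip>[^\]]+)\], .*?sasl_username=(?P<user>\S+)"
)

def summarize(log_text):
    """Return {sasl_username: (message_count, distinct_client_ips)}."""
    msgs, ips = defaultdict(set), defaultdict(set)
    for line in log_text.splitlines():
        m = SASL_RE.search(line)
        if m:
            msgs[m["user"]].add(m["qid"])
            ips[m["user"]].add(m["ip"])
    return {u: (len(msgs[u]), len(ips[u])) for u in msgs}

def suspects(stats, max_msgs=3, max_ips=2):
    """Logins over either threshold (assumed values, tune per site)."""
    return sorted(u for u, (n, k) in stats.items() if n > max_msgs or k > max_ips)

def sasl_access_table(users):
    """Lines for an access(5) table keyed by SASL login name."""
    return "".join(f"{u}\tREJECT Account suspended, contact postmaster\n"
                   for u in users)

if __name__ == "__main__":
    # Save the output as e.g. /etc/postfix/sasl_access (assumed path), run
    # "postmap /etc/postfix/sasl_access", then reload Postfix with:
    #   smtpd_recipient_restrictions = permit_mynetworks,
    #       check_sasl_access hash:/etc/postfix/sasl_access,
    #       permit_sasl_authenticated, reject_unauth_destination
    print(sasl_access_table(suspects(summarize(SAMPLE_LOG))), end="")
```

Removing the entry and running `postmap` again restores the account once the password has been changed.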