I'm at a loss for how this happened (although I am not suprised). 
I created a new user account, and added the user name to my newaliases (postfix install) file so the user can begin to send/recieve mail.
I send a single email from my admin account (not root) to the new user account's email address from within the same server. Everything seemed fine end of request.
The next day hen the user has a chance to test his mail (users cannot login to server (/bin/false in passwd file) using mozilla-thunderbird as client, for the first time, he is getting spam!!!
He didn't even give out the email address yet (so it can't be from a job board or web site).
I am at a loss for how this new address was farmed, and where I should look. The server is Ubuntu, running Postfix, and the only user login is my admin all the rest are turned off.
Can anybody give me some suggestions on where to look?
Thanks
Tom
							
						
					I created a new user account, and added the user name to my newaliases (postfix install) file so the user can begin to send/recieve mail.
I send a single email from my admin account (not root) to the new user account's email address from within the same server. Everything seemed fine end of request.
The next day hen the user has a chance to test his mail (users cannot login to server (/bin/false in passwd file) using mozilla-thunderbird as client, for the first time, he is getting spam!!!
He didn't even give out the email address yet (so it can't be from a job board or web site).
I am at a loss for how this new address was farmed, and where I should look. The server is Ubuntu, running Postfix, and the only user login is my admin all the rest are turned off.
Can anybody give me some suggestions on where to look?
Thanks
Tom



Comment