A Wordpress site of a client got hacked and abused the server for spamming.
To prevent this in the future I created a script scanning for (an abundance of:
Oct 24 01:32:54 s01 postfix/pickup: ABC123: uid=1234 from=<email@example.com>
The trigger is the UID. When there are to much I want to block that account from sending mail. I searched the internet and thought it is best to use the postfix authorized_submit_users setting
I have found that this should work:
authorized_submit_users = !1234, static:all
But I want to automate this and don't want to dynamically alter the main.cf, for that I could use a hash:
- creating file: /etc/postfix/sendmailAllowedUsers
- adding to main.cf: authorized_submit_users = hash:/etc/postfix/sendmailAllowedUsers
- executing command: postfix reload
- executing command: postmap /etc/postfix/sendmailAllowedUsers
It all should work.. BUT what to put inside that has file?
I don't have the luxury to fumble around as it is a live server and don't have a comparable test server
I am guessing something like this:
# blocked users
# allowed users
.. but if someone could tell me the right answer that would be great!
Also, can I append the "static:all" to the hash (that way I only have to enter the UIDs to the hash file. Like so?
authorized_submit_users = hash:/etc/postfix/sendmailAllowedUsers, static:all