On 01/08/2018 03:52 PM, Greg Freemyer wrote:
I no longer think postfix or relaying was the problem. Instead it was a penetration of an old Wordpress test site I had.
BINGO! That would be my strong suspicion. If you let your web apps get just slightly out of date (wordpress, mediawiki, etc..) you roll out the welcome mat to the spammers. (the updates to those webapps are generally in response to discovered vulnerabilities) I had a mediawiki site compromised in 2013 and had about 300 bogus accounts created in a day. The flood of spam followed. I rolled in a backup of the mysql tables for mediawiki and hit the update button. Have not had any problems since. Good luck with the rebuild.... -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org