Postfix relayed trotz Authentifizierungszwang

Hallo Ich hatte gestern feststellen müssen, dass mein Mailsystem auf meinem Root-Server trotz Authentifizierungszwang (SASL mit TLS) als Relay für einen Spammer herhalten musste. Selbst das Ändern des Passwortes hat nichts bewirkt. Erst als ich heute ein komplettes Netzwerksegment (Abuse-Mail an den Inhaber ist raus) über die Firewall gesperrt habe, ist erstmal Ruhe eingekehrt. Im Logfile tauchen allerdings auch andere IPs auf (sind erstmal nicht gesperrt). Wie kann es sein, das Postfix als Relay arbeitet, wenn nur authentifizierte User und der Rechner selbst mailen dürfen? Ich nutze SuSE 9.0, Postfix, Antivir-Mailgate und SpamAssassin 3.0. h8239:~ # postconf -n alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases broken_sasl_auth_clients = yes canonical_maps = hash:/etc/postfix/canonical command_directory = /usr/sbin config_directory = /etc/postfix content_filter = smtp:127.0.0.1:10024 daemon_directory = /usr/lib/postfix delay_warning_time = 5 disable_dns_lookups = no mail_version = Postfix (singollo.de) mailbox_transport = lmtp:unix:public/lmtp mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man masquerade_exceptions = root message_size_limit = 26214400 mydestination = $myhostname, $mydomain mydomain = singollo.de myhostname = h8239.singollo.de myorigin = $mydomain newaliases_path = /usr/bin/newaliases notify_classes = resource, software, delay readme_directory = /usr/share/doc/packages/postfix/README_FILES relocated_maps = hash:/etc/postfix/relocated sample_directory = /usr/share/doc/packages/postfix/samples sendmail_path = /usr/sbin/sendmail setgid_group = maildrop smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_tls_CAfile = /etc/postfix/certs/singollo.pem smtp_tls_cert_file = /etc/postfix/certs/singollo.pem smtp_tls_cipherlist = HIGH:@STRENGTH smtp_tls_key_file = /etc/postfix/certs/singollo.pem smtp_tls_loglevel = 2 smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_timeout = 3600s smtp_use_tls = yes smtpd_banner = $myhostname ESMTP $mail_name NO_SPAM_ALLOWED_HERE smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_maps_rbl smtpd_delay_reject = yes smtpd_helo_required = yes smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_hostname smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_relay_domains smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_tls_CAfile = /etc/postfix/certs/singollo.pem smtpd_tls_cert_file = /etc/postfix/certs/singollo.pem smtpd_tls_key_file = /etc/postfix/certs/singollo.pem smtpd_tls_loglevel = 2 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 450 virtual_alias_domains = serverkompetenz.net virtual_alias_maps = hash:/etc/postfix/virtual Zwei Mails, die fälschlicherweise relayed wurden: h8239:~ # grep "5C0707E807A" /var/log/mail Sep 26 09:52:23 h8239 postfix/cleanup[31261]: 5C0707E807A: message-id=<20040926075223.5C0707E807A@h8239.singollo.de> Sep 26 09:52:23 h8239 postfix/qmgr[5596]: 5C0707E807A: from=<>, size=3593, nrcpt=1 (queue active) Sep 26 09:52:24 h8239 postfix/smtp[30436]: 5C0707E807A: to=, relay=mail.charter.net[209.225.8.224], delay=1, status=sent (250 ok: Message 339213529 accepted) h8239:~ # grep "666557E804E" /var/log/mail Sep 26 06:51:15 h8239 postfix/cleanup[13490]: 666557E804E: message-id=<20040926045115.666557E804E@h8239.singollo.de> Sep 26 06:51:15 h8239 postfix/qmgr[5596]: 666557E804E: from=<>, size=3569, nrcpt=1 (queue active) Sep 26 06:51:16 h8239 postfix/smtp[13160]: 666557E804E: to=, relay=mail.charter.net[209.225.8.224], delay=1, status=sent (250 ok: Message 355082858 accepted) Gruß Udo