Originally Posted by tristanlee85
I did some reading on SASL, which I guess is a way to remote login and user the (my) server as a SMTP relay. In /etc/postfix/main.cf I found smtpd_sasl_auth_enable = yes so I changed it to smtpd_sasl_auth_enable = no. Do you think this will fix my problems?
I dont think that this will help you. Enabled SASL means that only authenticated users are allowed to send, disabling sasl means no one is allowed to send except that the IP of the sender is within mynetworks.
Did you have a look at /etc/passwd if there is a user brandon and has this user been created by you or one of your customers? Did you check your server with e.g. rkhunter (http://www.rootkit.nl
) for rootkits?