Hi, I am running Ispconfig 2 on Debian. I found out that the server is misused for spam sending. What I have checked is: - port 25 is closed from external, only connections from localhost/127.0.0.1 are allowed So this system is not a open relay. But still there are many mails popping up in the queue. this is one message: Code: May 13 10:27:50 ip2 postfix/pickup: 42EC21076B: uid=33 from=<[email protected]> May 13 10:27:50 ip2 postfix/cleanup: 42EC21076B: message-id=<[email protected]> May 13 10:27:50 ip2 postfix/qmgr: 42EC21076B: from=<[email protected]>, size=661, nrcpt=1 (queue active) May 13 10:27:50 ip2 postfix/smtp: 42EC21076B: to=<[email protected]>, relay=gateway[x.x.x.22]:25, delay=0.03, delays=0.01/0/0.02/0, dsn=5.0.0, status=bounced (host gateway[x.x.x.22] said: 550 Sender is not allowed. (in reply to MAIL FROM command)) May 13 10:27:50 ip2 postfix/bounce: 42EC21076B: sender non-delivery notification: 49A211080E May 13 10:27:50 ip2 postfix/qmgr: 42EC21076B: removed I don't understand where the messages come from, where/how they are generated. When I look at the "/etc/passwd" file the id 33 is this: So this means that the webserver is generating all these mails? Can you help me?