Thank you uxbod and phoenix.
It seems everything is OK after I checked my server by ./chkrootkit and /var/log/secure.
I have deleted all the spam mails in the queue and change the mail account's password that could be compromised.
What I want to know is how I can avoid the same thing if another mail account is compromised in the future.
Is there any measure can be done such as some setting in zimbra or postfix? |