I have a server which doesn't have much activity. Today, suddenly server load went higher than 12 which compared to its normal value(0.5) is way too high. I checked and found out that postfix is being used by a program named smpt
to send emails. Its full arguments:
smtp -t unix -u
I use CentOS release 6.7
, I update my server on regular basis. netstat
shows me something like this:
I also checked /var/log/maillog
which told me in last 10 hours hundreds of thousands of email has been sent.
How can I find out who is behind this? How can I find out if it's internal or external?
P.S: postfix is down.