Now it’s working again - time for the fun bits…
-
Have a quiet word to the offending account holder. Find out how the breach started (was their password “password1”?) and make sure it doesn’t happen again. (Some people seem like magnets for these kind of problems.)
-
Be sure you monitor Munin regularly - it shows msg queue size, etc and will indicate quickly when there is a problem. You can setup (on another box) a munin to monitor all your servers, and send out automated alerts.
-
Consider email rate limits. This out of MIAB scope but easy enough to do - just keep a record of the config changes you make, because you may have to reapply them after each MIAB update. You might start with a look at http://www.postfix.org/TUNING_README.html#conn_limit.
Fun, fun, fun 