I have recently migrated a server from 10.6.8 to 10.8.2.
Previously the mail server had been running smoothly without any spam being sent or anything like that. I remember there being a setting that disallowed smtp relay for all connection but those listed and as such i promptly put in my subnet and another exception, i also required authentication and only accepted one type of authentication. This seemed to do the trick for the better part of 2 years.
However after the upgrade, there was no longer a setting for the smtp relay (i assumed apple just set it to no relay which i thought was default in a postfix server anyway) and i set the authentication to open directory users only, and i only have the mail service allowed for the users that need it. About a two months after the upgrade it started sending spam.
Some users had very weak passwords for accounts that were listed on the company website, so i also implimented 16 character randomly generated passwords for the users. This seemed to be the end of the spam, i wasn't sure if this was a coincidence or if someones account had actually been compromised.
Yesterday the spam started again. I wanted to test if the smtp relay was on but wasn't so sure how to do that, so i tried sending mail from home through the server without authentication, it didn't work, good i thought, but if i turn on outgoing mail server authentication and type in a username WITHOUT a password, the mail server sends happily. So this is potentially what is happening.
I have two questions, where and what do i look for to see if smtp relay is on? How do i make sure that the email server will only send fully authenticated emails