I doubt this is still relevant but wanted to share my experience as I had something similar today (but probably not 100% the same) and this was the first post showing up on google..
My case: I spotted a deferred mail coming from localhost with "mailer-daemon" going to a spammy looking/unusual receipient.
Headers of the mail all point to localhost/127.0.0.1 and no real signs of external access.
Content then gave it away: This was an auto-reply that had been set up. Spammer sent us a mail. Auto reply tried to reply.
So from a security perspective, all is still good.
My case: I spotted a deferred mail coming from localhost with "mailer-daemon" going to a spammy looking/unusual receipient.
Headers of the mail all point to localhost/127.0.0.1 and no real signs of external access.
Content then gave it away: This was an auto-reply that had been set up. Spammer sent us a mail. Auto reply tried to reply.
So from a security perspective, all is still good.
Statistics: Posted by sb0373 — Fri Nov 01, 2024 6:47 am