Hi,

since yesterday my mail server is sending massive spam and I try to figure out if my account has been hacked or there is an configuration failure with my server (postfix+dovecot running on arch). I found the following message in the logs even after changing the password for the user "USER":

pam_unix(dovecot:auth): user [[email protected]] has blank password; authenticated without it

and it seems that after this postfix allows to relay the incoming "spam" mails.

btw. postfix is using dovecot as SASL provider and dovecot is configured to use PAM. PAM settings are default, i.e.

using swaks-tool I was not able to generate same message on server side - even If I keep password empty. Any help is much appreciated. First question is: in what circumstances will the server generate this message and how can I reproduce it?