Untitled

a guest
Jul 2nd, 2018
Jul 2 10:03:03 my-server postfix/pickup[14702]: 878D313894B: uid=33 from=<www-data>
Jul 2 10:03:03 my-server postfix/cleanup[14916]: 878D313894B: message-id=<20180702080303.878D313894B@example.com>
Jul 2 10:03:03 my-server postfix/qmgr[19570]: 878D313894B: from=<www-data@example.com>, size=40324, nrcpt=1 (queue active)
Jul 2 10:03:05 my-server postfix/smtp[14923]: 878D313894B: to=<mdm12xx@hotmail.com>, relay=hotmail-com.olc.protection.outlook.com[104.47.42.33]:25, delay=2.1, delays=0.03/0.03/1.1/0.93, dsn=2.6.0, status=sent (250 2.6.0 <20180702080303.878D313894B@example.com> [InternalId=11360188501262, Hostname=BY2NAM03HT083.eop-NAM03.prod.protection.outlook.com] 45866 bytes in 0.498, 89.854 KB/sec Queued mail for delivery)
Jul 2 10:03:05 my-server postfix/qmgr[19570]: 878D313894B: removed


Jul 2 10:03:03 my-server postfix/pickup[14702]: 97D4E138950: uid=33 from=<www-data>
Jul 2 10:03:03 my-server postfix/cleanup[14916]: 97D4E138950: message-id=<20180702080303.97D4E138950@example.com>
Jul 2 10:03:03 my-server postfix/qmgr[19570]: 97D4E138950: from=<www-data@example.com>, size=40308, nrcpt=1 (queue active)
Jul 2 10:03:03 my-server postfix/smtp[14933]: 97D4E138950: to=<a@a>, relay=none, delay=0.14, delays=0.01/0.02/0.11/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=a type=AAAA: Host not found)
Jul 2 10:03:03 my-server postfix/bounce[14935]: 97D4E138950: sender non-delivery notification: B9416138951
Jul 2 10:03:03 my-server postfix/qmgr[19570]: 97D4E138950: removed


Jul 2 10:03:03 my-server postfix/cleanup[14916]: A6851138951: message-id=<20180702080303.A6851138951@example.com>
Jul 2 10:03:03 my-server postfix/qmgr[19570]: A6851138951: from=<>, size=42121, nrcpt=1 (queue active)
Jul 2 10:03:03 my-server postfix/bounce[14935]: 9C33113894C: sender non-delivery notification: A6851138951
Jul 2 10:03:03 my-server dovecot: lmtp(service@example.com): mNzcKTfcOVtZOgAAruHjSQ: msgid=<20180702080303.A6851138951@example.com>: saved mail to INBOX
Jul 2 10:03:03 my-server postfix/lmtp[14936]: A6851138951: to=<service@example.com>, orig_to=<www-data@example.com>, relay=example.com[private/dovecot-lmtp], delay=0.03, delays=0/0.01/0.01/0.01, dsn=2.0.0, status=sent (250 2.0.0 <service@example.com> mNzcKTfcOVtZOgAAruHjSQ Saved)
Jul 2 10:03:03 my-server postfix/qmgr[19570]: A6851138951: removed

#################################################################
# ANTI SPAM: https://www.howtoforge.com/virtual_postfix_antispam
#################################################################
smtpd_helo_required = yes
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
unknown_address_reject_code = 554
unknown_hostname_reject_code = 554
unknown_client_reject_code = 554

smtpd_sender_restrictions = reject_unknown_address

smtpd_helo_restrictions =
    permit_mynetworks,
    reject_invalid_hostname,
    regexp:/etc/postfix/antispam/helo.regexp,
    permit
#smtpd_recipient_restrictions =
# permit_sasl_authenticated,
# permit_mynetworks,
# reject_unauth_destination
smtpd_recipient_restrictions =
    check_client_access hash:/etc/postfix/antispam/helo_client_exceptions
# check_sender_access hash:/etc/postfix/antispam/sender_checks,
    reject_invalid_hostname,
### Can cause issues with Auth SMTP, so be wary!
    reject_non_fqdn_hostname,
##################################
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    permit_mynetworks,
    reject_unauth_destination,
# Add RBL exceptions here, when changing rbl_client_exceptions, this file must be regenerated using postmap <file>, to generate a Berkeley DB
    check_client_access hash:/etc/postfix/antispam/rbl_client_exceptions,
    reject_rbl_client cbl.abuseat.org,
# reject_rbl_client zen.spamhaus.org,
    reject_rbl_client bl.spamcop.net,
# reject_rbl_client list.dsbl.org
    reject_rhsbl_sender dsn.rfc-ignorant.org,
# check_policy_service inet:127.0.0.1:60000,
    permit

smtpd_relay_restrictions =
    permit_mynetworks,
# permit_sasl_authenticated,
    defer_unauth_destination

Attack detail : 173Kpps/38Mbps
dateTime srcIp:srcPort dstIp:dstPort protocol flags bytes reason
2018.07.02 16:35:04 CEST xx.xx.xx.xx:41403 78.46.61.106:80 UDP --- 29 ATTACK:UDP