
Hello this is my first time here.

I do know a little about linux but I can't seem to find out the source of tons of SPAM emails being sent out on my server.

Here is a small portion of the QMAIL queue


29 May 2014 06:29:00 GMT  #13879694  601  <marina_velazquez@spam_domain1.org>
        remote  lykos@asia.com
29 May 2014 06:35:05 GMT  #13880108  636  <iva_holman@spam_domain1.org>
        remote  killerbeas@web.de
29 May 2014 06:38:26 GMT  #13880223  677  <kathryn_spence@spam_domain1.org>
        remote  rose91643@sssnet.com
29 May 2014 06:40:44 GMT  #13879786  620  <marisol_harper@spam_domain1.org>
        remote  sipaseud_738@hotmal.com
29 May 2014 07:20:08 GMT  #13880361  642  <candace_hammond@spam_domain2.com>
        remote  korsgaard@aol.dk
29 May 2014 07:21:44 GMT  #13880407  659  <esperanza_barnett@spam_domain2.com>
        remote  korupt.1@bigpond.com.au

Here is what I find when I open the last mail with less:


Tkorsgaard@aol.dk^@Received: (qmail 7343 invoked by uid 33); 29 May 2014 07:20:07 -0500
Date: 29 May 2014 07:20:07 -0500
Message-ID: <20140529122007.7341.qmail@ldc2040.aus.us.siteprotect.com>
To: korsgaard@aol.dk
Subject:  Ha ha
From: "Candace Hammond" <candace_hammond@spam_domain2.com>
Reply-To: "Candace Hammond" <candace_hammond@spam_domain2.com>
X-Priority: 3 (Normal)
MIME-Version: 1.0
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit



<!-- Contents of spam message removed--> ^@

I see it says UID 33, but there is no mail log file that I can find. This is an Ubuntu server.

How can I isolate the source of the spams?

Are they from a script on the server? If so, how can I locate it?

Can they be from a remote machine? If so, how do I know?

Thanks for any help, I really need this fixed ASAP.

Paul

1 Answer

On Ubuntu, UID 33 is usually www-data, the httpd user. Most likely, someone found an exploitable web script on your server which you need to locate and terminate. Read the httpd logs. For now, stop letting uid 33 send mail or make outgoing connections:

iptables -I OUTPUT ! -o lo -m owner --uid-owner 33 -m conntrack --ctstate NEW -j REJECT

(you may need to use -m state --state NEW on older kernels instead of conntrack)

Then disable sendmail access for httpd.

setfacl -m u:www-data:000 `which sendmail`

To revert:

iptables -D OUTPUT ! -o lo -m owner --uid-owner 33 -m conntrack --ctstate NEW -j REJECT
setfacl -x u:www-data `which sendmail`

Now that it's disabled, you can investigate your scripts at leisure.
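For the "read the httpd logs" step, here is an added example (not part of the answer above) of correlating the time qmail recorded the message as "invoked by uid 33" with the Apache access log, so the request that triggered the mail stands out. The access log lines, IPs and paths are constructed; the real log on Ubuntu would normally be /var/log/apache2/access.log, and both qmail and Apache are assumed to log in the same local timezone.

```shell
#!/bin/sh
# Constructed Apache access log (combined format). Every IP, hostname and path
# below is made up for the example; the real file is /var/log/apache2/access.log.
ACCESS_LOG="${TMPDIR:-/tmp}/spam_hunt_access.log"
cat > "$ACCESS_LOG" <<'EOF'
192.0.2.10 - - [29/May/2014:07:19:10 -0500] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [29/May/2014:07:20:06 -0500] "POST /wp-content/uploads/2014/05/x.php HTTP/1.1" 200 12 "-" "-"
192.0.2.11 - - [29/May/2014:07:20:09 -0500] "GET /about.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.7 - - [29/May/2014:07:21:43 -0500] "POST /wp-content/uploads/2014/05/x.php HTTP/1.1" 200 12 "-" "-"
203.0.113.5 - - [29/May/2014:09:00:00 -0500] "POST /contact.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
EOF

# find_requests_near LOGFILE "DD Mon YYYY HH:MM:SS" WINDOW_SECONDS
# Prints access-log lines whose timestamp falls on the same calendar day and
# within WINDOW seconds *before* (or equal to) the qmail Received: timestamp.
# Pure awk arithmetic, no GNU date or mktime, so it runs on a minimal box.
find_requests_near() {
    awk -v qdate="$2" -v win="$3" '
    function tosec(h, m, s) { return h * 3600 + m * 60 + s }
    BEGIN {
        split(qdate, q, "[ :]")        # q: DD Mon YYYY HH MM SS
        qday = q[1] "/" q[2] "/" q[3]
        qsec = tosec(q[4], q[5], q[6])
    }
    {
        # field 4 of a combined-format line looks like [29/May/2014:07:20:06
        n = split(substr($4, 2), p, "[/:]")
        if (n < 6) next
        day = p[1] "/" p[2] "/" p[3]
        sec = tosec(p[4], p[5], p[6])
        if (day == qday && sec <= qsec && qsec - sec <= win) print
    }' "$1"
}

# suspects_near LOGFILE QMAIL_TIMESTAMP WINDOW_SECONDS
# Ranks (client IP, URL) pairs seen just before the message was queued; the
# script hit repeatedly right before each queued message is the one to inspect.
suspects_near() {
    find_requests_near "$1" "$2" "$3" | awk '{ print $1, $7 }' | sort | uniq -c | sort -rn
}

# Timestamp taken from the "Received: (qmail ... invoked by uid 33)" header.
suspects_near "$ACCESS_LOG" "29 May 2014 07:20:07" 5
```

Run it once per queued message (the timestamps are in the queue listing) and the same URL should keep surfacing; that file, plus the client IP hitting it, is where to start.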