
Is my server compromised?

Posted: 2014/10/01 19:59:39
by javawookie
Hi, I need a bit of advice. Over the past week I keep receiving hundreds of undelivered spam emails, all from my domain name.
I thought my server was secure as it's locked down by IP access. I have checked the mail logs and keep seeing this below. Relaying is denied,
so I don't know what to do to stop it. Any help would be great.

Steve

Oct 1 13:57:55 sm-msp-queue[1148]: starting daemon (8.14.4): queueing@01:00:00
Oct 1 13:58:14 sendmail[1193]: s91DwE1r001193: from=<>, size=48980, class=0, nrcpts=1, msgid=<20141001124200.2D38319E237@s45.loopia.se>, proto=ESMTP, daemon=MTA, relay=s45.loopia.se [194.9.94.78]
Oct 1 13:58:15 sendmail[1194]: s91DwE1r001193: to=<item@bookingwidget.co.uk>, delay=00:00:01, xdelay=00:00:00, mailer=local, pri=79177, dsn=2.0.0, stat=Sent
Oct 1 13:58:27 t sendmail[1196]: s91DwRCo001196: from=<>, size=1583, class=0, nrcpts=1, msgid=<201410011358.s91DwRCo001196@bookingwidget.co.uk>, proto=ESMTP, daemon=MTA, relay=mout-bounce.kundenserver.de [212.227.15.22]
Oct 1 13:58:27 sendmail[1197]: s91DwRCo001196: to=<item@bookingwidget.co.uk>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=31872, dsn=2.0.0, stat=Sent
Oct 1 13:59:58 sendmail[1251]: s91DxwiL001251: from=<>, size=51257, class=0, nrcpts=1, msgid=<75bb9a06-33f5-469a-96cf-58158a55da7f@vestatec.co.uk>, proto=ESMTP, daemon=MTA, relay=outgoing.net-work.net [212.38.95.93]
Oct 1 13:59:58 sendmail[1252]: s91DxwiL001251: to=<item@bookingwidget.co.uk>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=81469, dsn=2.0.0, stat=Sent
Oct 1 14:00:18 sendmail[1307]: s91E0IaD001307: from=<>, size=48785, class=0, nrcpts=1, msgid=<20141001124501.44A0F10F3@SPEE-LDC-RELAY02.speedster-it.com>, proto=ESMTP, daemon=MTA, relay=mail.speedster-it.com [81.19.55.227]
Oct 1 14:00:18 sendmail[1308]: s91E0IaD001307: to=<item@bookingwidget.co.uk>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=79010, dsn=2.0.0, stat=Sent
Oct 1 14:01:16 sendmail[1392]: s91E1F4l001392: from=<>, size=54950, class=0, nrcpts=1, msgid=<84d0eddc-1c83-4e09-84c2-ff1d34ca0356>, proto=ESMTP, daemon=MTA, relay=mail.medinadairy.co.uk [84.19.41.226]
Oct 1 14:01:16 sendmail[1393]: s91E1F4l001392: to=<item@bookingwidget.co.uk>, delay=00:00:01, xdelay=00:00:00, mailer=local, pri=85163, dsn=2.0.0, stat=Sent
Oct 1 14:07:10 sendmail[1748]: s91E7987001748: from=<>, size=99193, class=0, nrcpts=1, msgid=<2d922f76-be74-44cf-84e5-28a6758e5054@DBXPR03MB303.eurprd03.prod.outlook.com>, proto=ESMTP, daemon=MTA, relay=mail-db3on0145.outbound.protection.outlook.com [157.55.234.145]
Oct 1 14:07:10 sendmail[1749]: s91E7987001748: to=<item@bookingwidget.co.uk>, delay=00:00:01, xdelay=00:00:00, mailer=local, pri=129453, dsn=2.0.0, stat=Sent
Oct 1 14:07:11 sendmail[1751]: s91E7BK7001751: from=<>, size=52102, class=0, nrcpts=1, msgid=<201410011332.s91DVkKw000306-s91DWdKw000401@mx0.medway.gov.uk>, proto=ESMTP, daemon=MTA, relay=mx0.medway.gov.uk [194.81.212.20]
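
An added example, not part of the original post: a null envelope sender (`from=<>`) marks a delivery status notification, so an entry that pairs it with `mailer=local` records a bounce arriving from another server rather than mail leaving this one. The Python sketch below groups sendmail lines by queue ID and labels each message; the sample log is constructed with placeholder hosts, and the `localhost` test for locally generated mail is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample in sendmail's log format; hosts and addresses are placeholders.
SAMPLE_LOG = """\
Oct 1 13:58:14 sendmail[1193]: s91AAAAA001193: from=<>, size=48980, class=0, nrcpts=1, msgid=<a@remote.example>, proto=ESMTP, daemon=MTA, relay=mx.remote.example [192.0.2.10]
Oct 1 13:58:15 sendmail[1194]: s91AAAAA001193: to=<item@example.co.uk>, delay=00:00:01, xdelay=00:00:00, mailer=local, pri=79177, dsn=2.0.0, stat=Sent
Oct 1 14:02:00 sendmail[1300]: s91BBBBB001300: from=<www@example.co.uk>, size=2100, class=0, nrcpts=1, msgid=<b@example.co.uk>, relay=localhost [127.0.0.1]
Oct 1 14:02:01 sendmail[1301]: s91BBBBB001300: to=<someone@other.example>, delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=32100, relay=mx.other.example. [198.51.100.7], dsn=2.0.0, stat=Sent (ok)
"""

LINE = re.compile(r"sendmail\[\d+\]: (\w+): (.*)")       # queue ID, then key=value list
FIELD = re.compile(r"(\w+)=(<[^>]*>|[^,]+)")
REMOTE_MAILERS = {"esmtp", "smtp", "relay"}              # mailers that deliver off-host


def classify(log_text):
    """Return {queue_id: label} for every message seen in the log."""
    msgs = defaultdict(dict)
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue                                     # e.g. sm-msp-queue startup lines
        qid, rest = m.groups()
        fields = dict(FIELD.findall(rest))
        if "from" in fields:                             # reception record
            msgs[qid]["sender"] = fields["from"]
            msgs[qid]["src"] = fields.get("relay", "")
        elif "to" in fields:                             # delivery record
            msgs[qid]["mailer"] = fields.get("mailer", "")

    labels = {}
    for qid, rec in msgs.items():
        outbound = rec.get("mailer") in REMOTE_MAILERS
        # Assumption: mail generated on this host is logged with a localhost relay.
        local_src = "localhost" in rec.get("src", "") or "127.0.0.1" in rec.get("src", "")
        if rec.get("sender") == "<>" and rec.get("mailer") == "local":
            labels[qid] = "inbound-bounce"               # DSN from a remote MTA, delivered here
        elif outbound and local_src:
            labels[qid] = "local-origin-outbound"        # this host created and sent it
        elif outbound:
            labels[qid] = "relayed-outbound"             # accepted from outside, sent onward
        else:
            labels[qid] = "other"
    return labels


if __name__ == "__main__":
    for qid, label in classify(SAMPLE_LOG).items():
        print(qid, label)
```

Many `inbound-bounce` entries with no outbound entries alongside them indicate that the domain is being forged as the sender on mail sent from elsewhere; `local-origin-outbound` entries are the ones to trace back to a local account or script.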