Mail user's account hacked?
Our mail server's IP has gotten blacklisted due to spam coming from our server.
I have pored over the logs and cannot seem to figure out which user account it is being sent through, the information does not seem to be in the mailaccess or mail log.
Shouldn't there be a place where I can see a log of the account name, time, date, maybe a message ID #, who it was sent from/to? I can't seem to find this in the logs. Perhaps I do not have a high enough level of logging enabled?
Suggestions as to how to begin to track this down?