After spammer attack emails are all in queue and not delivered

gabrydoc3

cPanel Access Level
Root Administrator
Hi all,
I have this problem: Exim stopped sending mail 2 days ago. I can receive mail in my main account, and now the messages are all in the cPanel Mail Queue Manager.
This is a part of the mail exim_mainlog:

Code:
2014-03-23 13:03:38 1WRcZH-0005HM-Jg liberomx1.domain.com [212.52.xx.xx] Connection timed out
2014-03-23 13:04:48 1WRcZi-0005Yc-U7 liberomx1.domain.com [212.52.xx.xx] Connection timed out
2014-03-23 13:04:48 1WRcZi-0005Yc-U7 == [email protected] R=lookuphost T=remote_smtp defer (110): Connection timed out
2014-03-23 13:04:58 1WRgz8-0000Ch-57 liberomx3.domain.com [212.52.84.67] Connection timed out
2014-03-23 13:05:23 1WRg2h-0007zh-4v alt3.gmail-smtp-in.l.google.com [173.194.xx.xx] Connection timed out
2014-03-23 13:05:25 cwd=/etc/csf 2 args: /usr/sbin/exim -bpc
2014-03-23 13:05:31 1WRcaY-0005wX-Ci mx3.hotmail.com [65.54.xx.xx] Connection timed out
2014-03-23 13:05:31 1WRcaY-0005wX-Ci == [email protected] R=lookuphost T=remote_smtp defer (110): Connection timed out
2014-03-23 13:05:45 SMTP connection from [89.118.xx.xx]:51282 (TCP/IP connection count = 1)
2014-03-23 13:05:45 no IP address found for host 89-118-51-30-static.domain3.net (during SMTP connection from [89.118.xx.xx]:51282)
2014-03-23 13:05:46 1WRcZH-0005HM-Jg liberomx1.domain.com [212.52.xx.xx] Connection timed out
2014-03-23 13:05:46 1WRcZH-0005HM-Jg == [email protected] R=lookuphost T=remote_smtp defer (110): Connection timed out
2014-03-23 13:05:48 dovecot_login authenticator failed for ([192.168.2.33]) [89.118.51.30]:51282: 535 Incorrect authentication data (set_id=tomek)
2014-03-23 13:05:54 dovecot_login authenticator failed for ([192.168.2.33]) [89.118.51.30]:51282: 535 Incorrect authentication data (set_id=tomek)
2014-03-23 13:06:05 dovecot_login authenticator failed for ([192.168.2.33]) [89.118.51.30]:51282: 535 Incorrect authentication data (set_id=tomek)
2014-03-23 13:06:22 dovecot_login authenticator failed for ([192.168.2.33]) [89.118.51.30]:51282: 535 Incorrect authentication data (set_id=tomek)
2014-03-23 13:06:25 cwd=/etc/csf 4 args: /usr/sbin/sendmail -f root -t
2014-03-23 13:06:25 1WRhAX-00027n-HU <= [email protected] U=root P=local S=1388 T="lfd on ks208859.domain2.com: blocked 89.118.xx.xx (IT/Italy/89-118-51-30-static.domain3.net)" for root
2014-03-23 13:06:25 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1WRhAX-00027n-HU
2014-03-23 13:06:25 1WRhAX-00027n-HU User 0 set for local_delivery transport is on the never_users list
2014-03-23 13:06:25 1WRhAX-00027n-HU == [email protected] R=localuser T=local_delivery defer (-29): User 0 set for local_delivery transport is on the never_users list
2014-03-23 13:06:25 1WRhAX-00027n-HU ** [email protected]: retry timeout exceeded
2014-03-23 13:06:25 cwd=/var/spool/exim 7 args: /usr/sbin/exim -t -oem -oi -f <> -E1WRhAX-00027n-HU
2014-03-23 13:06:25 1WRhAX-00027v-MA <= <> R=1WRhAX-00027n-HU U=mailnull P=local S=2245 T="Mail delivery failed: returning message to sender" for [email protected]
2014-03-23 13:06:25 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1WRhAX-00027v-MA
2014-03-23 13:06:25 1WRhAX-00027v-MA User 0 set for local_delivery transport is on the never_users list
2014-03-23 13:06:25 1WRhAX-00027v-MA == [email protected] R=localuser T=local_delivery defer (-29): User 0 set for local_delivery transport is on the never_users list
2014-03-23 13:06:25 1WRhAX-00027v-MA ** [email protected]: retry timeout exceeded
2014-03-23 13:06:25 1WRhAX-00027v-MA [email protected]: error ignored
2014-03-23 13:06:25 1WRhAX-00027n-HU Completed
2014-03-23 13:06:25 1WRhAX-00027v-MA Completed
I tried to put csf in medium protection but it still does not work.
I checked if my domain (domain.com) is blacklisted but it's OK.
I don't know what happened in the last 48 hours; before, everything worked...
Can you help me please?
 

cPanelPeter

Senior Technical Analyst
Staff member
cPanel Access Level
Root Administrator
Hello,

Since you've modified the log file to show false information, it's rather difficult to help you. However, I do see that the IP address 89.118.51.30 is blocked by several blacklists.

Looking at MX Toolbox Blacklist, I currently see 7 different RBLs. If that's your IP address then that is the cause of the problem.
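An added example, not part of either post and not cPanel's own tooling: a small triage script that splits an exim_mainlog excerpt like the one above into outbound delivery failures, deferrals, and inbound SMTP AUTH failures, so each can be checked on its own. The sample lines are adapted from the first post (recipient addresses replaced with example.com placeholders); the function names and the `min_hosts` threshold are assumptions.

```python
import re
from collections import Counter

# Lines adapted from the excerpt in the first post (recipients are placeholders).
SAMPLE_LOG = """\
2014-03-23 13:04:48 1WRcZi-0005Yc-U7 liberomx1.domain.com [212.52.xx.xx] Connection timed out
2014-03-23 13:04:48 1WRcZi-0005Yc-U7 == user@example.com R=lookuphost T=remote_smtp defer (110): Connection timed out
2014-03-23 13:05:23 1WRg2h-0007zh-4v alt3.gmail-smtp-in.l.google.com [173.194.xx.xx] Connection timed out
2014-03-23 13:05:31 1WRcaY-0005wX-Ci mx3.hotmail.com [65.54.xx.xx] Connection timed out
2014-03-23 13:05:48 dovecot_login authenticator failed for ([192.168.2.33]) [89.118.51.30]:51282: 535 Incorrect authentication data (set_id=tomek)
2014-03-23 13:05:54 dovecot_login authenticator failed for ([192.168.2.33]) [89.118.51.30]:51282: 535 Incorrect authentication data (set_id=tomek)
2014-03-23 13:06:25 1WRhAX-00027n-HU == root@example.com R=localuser T=local_delivery defer (-29): User 0 set for local_delivery transport is on the never_users list
"""

MSG_ID = r"\w{6}-\w{6}-\w{2}"
# Outbound attempt to a remote MX host that failed: host, IP, reason.
REMOTE_FAIL = re.compile(rf"^\S+ \S+ {MSG_ID} (\S+) \[([^\]]+)\] (.+)$")
# Deferred delivery: message id, router, transport, errno, reason.
DEFER = re.compile(rf"^\S+ \S+ ({MSG_ID}) == \S+ R=(\S+) T=(\S+) defer \((-?\d+)\): (.+)$")
# Inbound SMTP AUTH failure: client IP and the login that was tried.
AUTH_FAIL = re.compile(r"authenticator failed for .*\[([0-9a-fA-F.:]+)\]:\d+: 535 .*\(set_id=([^)]*)\)")

def triage(log_text):
    """Count outbound failures, deferrals and AUTH failures in a log excerpt."""
    remote_fail = Counter()  # (remote host, reason) -> count
    defers = Counter()       # (transport, errno, reason) -> count
    auth_fail = Counter()    # (client IP, login) -> count
    for line in log_text.splitlines():
        if m := DEFER.match(line):
            defers[(m[3], int(m[4]), m[5])] += 1
        elif m := REMOTE_FAIL.match(line):
            remote_fail[(m[1], m[3])] += 1
        elif m := AUTH_FAIL.search(line):
            auth_fail[(m[1], m[2])] += 1
    return {"remote_fail": remote_fail, "defers": defers, "auth_fail": auth_fail}

def outbound_blocked(report, min_hosts=3):
    """Heuristic (assumption): timeouts to several unrelated MX hosts point at
    the sending side (firewall or upstream port 25 filtering), not at one
    recipient domain."""
    hosts = {h for (h, reason) in report["remote_fail"] if "timed out" in reason}
    return len(hosts) >= min_hosts

if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for name, counter in report.items():
        print(name, dict(counter))
    print("outbound looks blocked:", outbound_blocked(report))
```

On a live server the same functions can be fed the contents of the real exim_mainlog instead of `SAMPLE_LOG`.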
 

gabrydoc3

Thank you for your answer. Sorry, but I simply copied and pasted a part of my exim.log without hiding anything.
I can paste all of it if you need it to help me.
I don't understand one thing: my server IP is 94.23.231.116 and you speak about another IP above.
Anyway, I have now checked this IP also and I see I'm in some blacklists.
Now I will try to resolve everything soon, and thank you again.
 

gabrydoc3

Can somebody help me please? I'm not a different user and I pay for the cPanel license every month.
I never posted here because fortunately all was good until now.
Now I have asked for help with this problem but it seems nobody is interested in it...