How to identify the source of spam mails

sparktino

Member
May 10, 2009
23
0
51
Hello,

One of the email accounts of our domain has been used to send spam mails. How we can identify the source from which these spam mails are being sent. I would like to know whether it is through the website itself by injecting some malicious codes or it through an email client. Is it possible to identify the source from exim logs?

Code:
=================

2013-03-27 04:03:01 1UKlJz-0003Ba-Er <= "username"@"domainname" H=("domainname") [xx.xxx.xxx.xxx]:58513 P=esmtpa A=dovecot_login:"username"@"domainname" S=2507 [email protected]"domainname" T="Don't lack boners with these risk-free drugs. Door-to-door shipping!" for [email protected] [email protected] [email protected] [email protected]

=================
Regards
Tino
 

sparktino

Member
May 10, 2009
23
0
51
Hi,

Thanks guys for the reply.

Yes, it looks like somebody hacked the password for this particular email account. I had to change the password for the account.