Someone able to send out emails from a domain on my server using a fake email

I thought I had secured this a while ago, but that was a formmail(BCC) hack. Now rthis

Any help on what to shut down?

Looking in mail queue shows:
___________________________________________________________

1DM6Vc-0005Q0-Jp-H
mailnull 47 12
<>
1113493440 0
-ident mailnull
-received_protocol local
-body_linecount 950
-allow_unqualified_recipient
-allow_unqualified_sender
-frozen 1113493441
-localerror
XX
1
qfwwpbqpsrac@msn.com

150P Received: from mailnull by myservername.com with local (Exim 4.43)
id 1DM6Vc-0005Q0-Jp
for qfwwpbqpsrac@msn.com; Thu, 14 Apr 2005 11:44:00 -0400
040 X-Failed-Recipients: fakeuser@sampledomain.com
031 Auto-Submitted: auto-generated
063F From: Mail Delivery System <Mailer-Daemon@myservername.com>
025T To: qfwwpbqpsrac@msn.com
059 Subject: Mail delivery failed: returning message to sender
052I Message-Id: <E1DM6Vc-0005Q0-Jp@myservername.com>
038 Date: Thu, 14 Apr 2005 11:44:00 -0400


_______________________________________________________________

1DM6Vc-0005Q0-Jp-D
This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

fakeuser@sampledomain.com
This message has been rejected because it has
a potentially executable attachment "doc.scr"
This form of attachment has been used by
recent viruses or other malware.
If you meant to send this file then please
package it up as a zip file and resend it.

------ This is a copy of the message, including all the headers. ------

Return-path: <qfwwpbqpsrac@msn.com>
Received: from [216.110.107.78] (helo=msn.com)
by myserver.com with esmtp (Exim 4.43)
id 1DM6UA-0005PV-KF
for fakeuser@sampledomain.com; Thu, 14 Apr 2005 11:44:00 -0400
From: qfwwpbqpsrac@msn.com
To: fakeuser@sampledomain.com
Subject: HELLO
Date: Thu, 14 Apr 2005 11:31:45 -0400
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0014_35825C59.88F4C208"
X-Priority: 3
X-MSMail-Priority: Normal

This is a multi-part message in MIME format.

------=_NextPart_000_0014_35825C59.88F4C20

 

I did see this in tweak settings: Should this be checked?

Include a list of Pop before SMTP senders in the X-PopBeforeSMTP header when relaying mail. (exim 4.34-30+ required)

 

How about SMTP Tweak?? Turn that on? Will it do anything bad? Or buggy? Why wouldn't it be on by default?

SMTP Tweak
This SMTP tweak will prevent users from bypassing the mail server to send mail (This is a common practice used by spammers). It will only allow the MTA (mail transport agent), mailman, and root to connect to remote SMTP servers.