Where can I find IP logs?

AT&T blacklisted emails from us and I have successfully gotten them to unblock us. However, their message to me stated, "ADMINISTRATORS: Please thoroughly check your IP logs before requesting removal. You must determine that all traffic from the blocked IP is actually from your mail servers to ensure your network is not compromised." I have WHM access on my Bluehost site. I looked for IP logs, but could not find them. The only thing I really did was to delete the email account of one user who had an extremely high number of email messages.

I will greatly appreciate any help determining if our server has been compromised.

 

Thanks for the reply. I read the article, and most of the suggestions there were already implemented. I'm really new to WHM. Where do I find /var/log/exim_mainlog? I wonder if Bluehost gives me access to it.

 

You're right. I looked at a how-to article, and it won't be worth my time right now. Thanks again for your time. Now I a little more informed than before.