WHM [System] is sending Spam emails

I was exploring my Exim Mail Queue Manager in WHM and have quite by chance stumbled across the [system] identifier sending four (4) spam emails to valid email addresses.

I deleted the messages from the mail queue (possibly unfortunately, I should have recorded their contents before deletion) but would like to know:

1) How do I establish what caused these message?

2) Is this indicative of a system wide compromise?

3) Would this be something I should raise in a ticket?

I have seached on this topic and results all come up with CPanel specific mail/account compromises which I'm not certain relate as these were sent by "[system]" rather than by any particular account.

I have checked my exim_mainlog and maillog log files but can't see anything obviously out of the ordinary.

 

Hello,
Yes I have been keeping eyes on the mail queue but not seen anything since; I had opened the messages in the queue and they where 100% spam and sending to emails not on the server (but known and valid).

I realised only in hindsight that the message headers would have been useful, after I'd manually deleted them from the queue :-(

 

Hello. I quite understand in this specific instance but I was asking for the wider methodology of how to get more info (I realise reading the mail logs is key, but what else?) on and if the limited information present is indicative of a wider issue,

Cheers

 

Thank you for the reassuring comments @keat63 . I'm sorry @cPanelLauren I'd deleted the messages from the queue before properly noting the details.

Lesson learnt for next time!