i have a spam problem. i woke up today and checked my msgs to find that my server had over 1000 address could not be found errors on my mail-server. i checked the msg that was sent and i found it was that fake bank of America email.
the address it was sent from was from a domain of mine. only my IP can access my ssh so how are they doing it. how can i trace it and prevent it. i use dovecot 1.0.beta3 and Exim 4.60
what can be done. I'm sorry if I'm not being helpful but i have never had anything like this happen to me before so i completely unversed in this.
Essentially if you have no experience with this stuff you'll never find the culprit. There's lots that can be done though by someone experienced with these matters. rack911, configserver and platinum management are good for these sorts of things. configserver.com offer a server security package which will stop this happening again in the future and is well worth the money over the long term.