Topic: Relaying?
==== Required information ====
- iRedMail version (check /etc/iredmail-release):
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- Related log if you're reporting an issue:
Jun 6 16:52:14 server1 postfix/qmgr[908]: 4D1582E00799: removed
Jun 6 16:52:14 server1 postfix/smtp[1698]: 9AA072E01233: to=<lokamandi@mail.com>, relay=mx01.mail.com[74.208.5.22]:25, delay=88472, delays=88471/0.3/0.68/0, dsn=4.0.0, status=deferred (host mx01.mail.com[74.208.5.22] refused to talk to me: 554-mail.com (mxgmxus006) Nemesis ESMTP Service not available 554-No SMTP service 554-IP address is black listed. 554 For explanation visit http://postmaster.gmx.com/en/error-mess … &c=bl)
Jun 6 16:52:14 server1 postfix/smtp[1693]: D04712E01239: to=<vincebia@usa.com>, relay=mx01.mail.com[74.208.5.22]:25, delay=88448, delays=88447/0.23/0.67/0, dsn=4.0.0, status=deferred (host mx01.mail.com[74.208.5.22] refused to talk to me: 554-mail.com (mxgmxus001) Nemesis ESMTP Service not available 554-No SMTP service 554-IP address is black listed. 554 For explanation visit http://postmaster.gmx.com/en/error-mess … &c=bl)
Jun 6 16:52:14 server1 postfix/smtp[1699]: DB7B72E0122F: to=<pietroabita@usa.com>, relay=mx00.mail.com[74.208.5.20]:25, delay=88449, delays=88448/0.22/0.68/0, dsn=4.0.0, status=deferred (host mx00.mail.com[74.208.5.20] refused to talk to me: 554-mail.com (mxgmxus007) Nemesis ESMTP Service not available 554-No SMTP service 554-IP address is black listed. 554 For explanation visit http://postmaster.gmx.com/en/error-mess … &c=bl)
Jun 6 16:52:14 server1 postfix/smtp[1700]: 4DB2F2E01244: to=<abramandrea@mail.com>, relay=mx00.mail.com[74.208.5.20]:25, delay=88325, delays=88324/0.23/0.72/0, dsn=4.0.0, status=deferred (host mx00.mail.com[74.208.5.20] refused to talk to me: 554-mail.com (mxgmxus002) Nemesis ESMTP Service not available 554-No SMTP service 554-IP address is black listed. 554 For explanation visit http://postmaster.gmx.com/en/error-mess … &c=bl)
====
Hi,
I believe iRedMail is one of the best mailing software packages. But I've come across a weird situation. My mailing server is made to relay, but its default setting is such that no spammers can misuse that. Furthermore, I checked that my iRedMail server is not an open relay server.
However, seeing the log file, it's clear that it's being used for spamming, resulting in the blocking of the IP, as you can see in the log report. Now I'm not sure if the account has been compromised or someone is relaying through my server. The client to whom I have given the server has reported that it has not sent any mail at all as of now. And I can confirm the same from the mailing panel end. But the log file says something else.
So I was wondering what the possibilities could be: that the server login credentials have been compromised, or that the server is being relayed? I know it's a bit off topic, but a hint would be much welcome and appreciated. Thanks.
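One way to separate the two possibilities raised in the post above, as an added example that is not part of the original post or of iRedMail: trace each queue ID that has an outbound `postfix/smtp` delivery attempt back to the `smtpd` or `pickup` line that created it. The sample log is constructed, the function names are hypothetical, and the script assumes the standard Postfix `client=...`, `sasl_username=...` and `uid=...` log fields.

```python
import re
from collections import Counter

# Constructed sample log (not from the post): queue-entry lines plus delivery attempts.
SAMPLE_LOG = """\
Jun 5 16:17:01 server1 postfix/smtpd[1501]: AAAA00000001: client=unknown[203.0.113.7], sasl_method=LOGIN, sasl_username=user@example.com
Jun 5 16:17:03 server1 postfix/smtp[1698]: AAAA00000001: to=<rcpt1@example.net>, relay=mx.example.net[198.51.100.1]:25, dsn=4.0.0, status=deferred (refused to talk to me)
Jun 5 16:18:00 server1 postfix/pickup[1400]: BBBB00000002: uid=33 from=<www-data>
Jun 5 16:18:01 server1 postfix/smtp[1699]: BBBB00000002: to=<rcpt2@example.net>, relay=mx.example.net[198.51.100.1]:25, dsn=4.0.0, status=deferred (refused to talk to me)
Jun 5 16:19:00 server1 postfix/smtpd[1502]: CCCC00000003: client=mail.example.org[192.0.2.9]
Jun 5 16:19:01 server1 postfix/smtp[1700]: CCCC00000003: to=<rcpt3@example.net>, relay=mx.example.net[198.51.100.1]:25, dsn=4.0.0, status=deferred (refused to talk to me)
Jun 5 16:20:01 server1 postfix/smtp[1701]: DDDD00000004: to=<rcpt4@example.net>, relay=mx.example.net[198.51.100.1]:25, dsn=4.0.0, status=deferred (refused to talk to me)
"""

LINE = re.compile(r"postfix/(?:[\w-]+/)*(?P<svc>\w+)\[\d+\]: (?P<qid>[0-9A-Za-z]+): (?P<rest>.*)")
CLIENT = re.compile(r"client=(?P<host>[^\[]*)\[(?P<ip>[^\]]+)\]")
SASL = re.compile(r"sasl_username=(?P<user>[^,\s]+)")
UID = re.compile(r"uid=(?P<uid>\d+)")

def trace_origins(log_text):
    """Map every queue ID with an outbound smtp attempt to how it entered the queue."""
    entry, outbound = {}, set()
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        svc, qid, rest = m["svc"], m["qid"], m["rest"]
        if svc == "smtpd" and (c := CLIENT.search(rest)):
            s = SASL.search(rest)
            if s:    # authenticated submission: candidate compromised account
                entry[qid] = f"sasl:{s['user']} from {c['ip']}"
            elif c["ip"] in ("127.0.0.1", "::1"):    # e.g. content-filter hop
                entry[qid] = "local re-injection"
            else:    # accepted without authentication
                entry[qid] = f"unauthenticated client {c['ip']}"
        elif svc == "pickup" and (u := UID.search(rest)):
            entry[qid] = f"local submission uid={u['uid']}"    # sendmail binary, e.g. a web script
        elif svc == "smtp" and "status=" in rest:
            outbound.add(qid)
    return {q: entry.get(q, "entry line not in this log") for q in outbound}

def summarize(log_text):
    """Count outbound messages per origin, so the dominant source stands out."""
    return Counter(trace_origins(log_text).values())

if __name__ == "__main__":
    for origin, n in summarize(SAMPLE_LOG).most_common():
        print(f"{n:5d}  {origin}")
```

The excerpt in the post contains only delivery lines with `delay=` values around 88,000 seconds, so the matching entry lines sit roughly a day earlier in the log and that older portion has to be included in the input. A queue ID reported as "local re-injection" was handed back by a local filter, and the original entry is on an earlier queue ID for the same message.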