Is Our Server Being Used As a Relay?
spicyjem
Hey guys.....

More and more lately, we are getting the following bounced emails sent to us:

-----------------------------------------

From: Mail Delivery Subsystem
To: lmcml@mjmmagic.com
Subject: Returned mail: see transcript for details
Date: Sat, 30 Sep 2006 07:01:06 +0400 (MSD)

The original message was received at Sat, 30 Sep 2006 07:01:06 +0400
(MSD)
from mx.peterstar.ru [217.195.65.15]

----- The following addresses had permanent fatal errors -----
/d/mail/vodopad
(reason: Service unavailable)
(expanded from: )

----- Transcript of session follows -----
550 /d/mail/vodopad... User mailbox quota exceeded, please send this
message later
554 5.0.0 Service unavailable

Date: Sat, 30 Sep 2006 12:00:54 +0900
From: Jerome Oliver
To: vodopad@peterstar.ru
Subject: prejudge


-----------------------------------------

It appears that this email was sent FROM a user named "Jerome Oliver", but that user doesn't exist on our server!

Being a newbie when it comes to cPanel, are there any settings you can walk me through to tweak in the root Control Panel which may prevent these from being sent out from non-existent users?

I am attaching a screenshot of my current Mail settings under cPanel.

Thanks in advance!
James Jhurani
There are several possibilities.

1. You are being used as a relay.
2. A user on your system is spamming.
3. Your server is hacked (sending email from 127.0.0.1 can spoof any domain).
4. Someone is spamming and the email address they are spoofing happens to be a user on your server.

For 1:
Unless you enabled it, by default this is not allowed.

To rule out number 3:
Run rkhunter and chkrootkit, and check your /tmp, /var/tmp, and /dev/shm directories for any malicious files. If you're running a chrooted environment, check your users' /tmp directories.

For numbers 2 and 4, you will need to monitor your mail logs.
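
One way to do the mail-log monitoring suggested in the reply above, as an added example that is not part of the original thread. It assumes the server runs Exim (cPanel's stock MTA) and logs recipients on arrival lines; the sample log lines, `LOCAL_DOMAINS` and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in Exim mainlog format; not taken from the thread.
SAMPLE_LOG = """\
2006-09-30 03:00:54 1GTVaa-0001aa-AA <= bob@example.com H=(laptop) [203.0.113.7] P=esmtpa A=fixed_login:bob@example.com S=2211 for friend@example.net
2006-09-30 03:00:55 1GTVab-0001ab-AB <= nobody@host.example.com U=nobody P=local S=901 for a@example.org
2006-09-30 03:00:56 1GTVac-0001ac-AC <= nobody@host.example.com U=nobody P=local S=903 for b@example.org
2006-09-30 03:01:06 1GTVad-0001ad-AD <= <> H=mx.example.net [198.51.100.15] P=esmtp S=3100 for lmcml@example.com
2006-09-30 03:01:09 1GTVae-0001ae-AE <= x@example.org H=(pc) [192.0.2.9] P=esmtp S=1500 for victim@example.net
2006-09-30 03:01:10 1GTVae-0001ae-AE => victim@example.net R=lookuphost T=remote_smtp H=mx.example.net [198.51.100.15]
"""

LOCAL_DOMAINS = {"example.com"}  # assumption: the domains this server hosts
ARRIVAL = re.compile(r"^\S+ \S+ \S+ <= (\S+)(.*)$")  # date, time, msg id, '<=', sender

def classify(line, local_domains=LOCAL_DOMAINS):
    """Return (category, identity) for an arrival ('<=') line, else None."""
    m = ARRIVAL.match(line)
    if not m:
        return None  # delivery ('=>') and other line types are ignored
    sender, rest = m.groups()
    head, _, rcpts = rest.partition(" for ")
    fields = dict(re.findall(r" (\w+)=(\S+)", head))
    ip = re.search(r"\[([^\]]+)\]", head)
    origin = ip.group(1) if ip else "local"
    remote_rcpt = any(r.rsplit("@", 1)[-1].lower() not in local_domains
                      for r in rcpts.split())
    if sender == "<>":
        return ("bounce-in", origin)                  # case 4: bounce for mail we may not have sent
    if "A" in fields:
        return ("authenticated", fields["A"])         # case 2: a mail account logged in
    if fields.get("P") == "local":
        return ("local-submit", fields.get("U", "?")) # case 2 or 3: process on the box
    if remote_rcpt:
        return ("relay-candidate", origin)            # case 1: no auth, non-local recipient
    return ("inbound", origin)                        # ordinary incoming mail

def summarize(log_text):
    """Count arrival lines per (category, identity)."""
    return Counter(c for c in map(classify, log_text.splitlines()) if c)

if __name__ == "__main__":
    for (category, who), n in summarize(SAMPLE_LOG).most_common():
        print(f"{n:5d}  {category:16s} {who}")
```

On a cPanel host the real input would be the Exim main log, normally `/var/log/exim_mainlog`. A high count under `local-submit` for a web or system user, or any `relay-candidate` rows, is what separates cases 1 to 3 from plain backscatter (`bounce-in` with no matching outbound mail).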