Setting up SMTP-AUTH


tristanlee85
19th April 2007, 09:48
Since I can't figure out how to successfully stop relaying on my server, I've been informed that using SMTP-AUTH is the way to go so only I can relay through my server. I have ISPConfig already installed and I was reading the Postfix How-To here ( http://www.howtoforge.com/howto_postfix_smtp_auth_tls_howto ) but that's when you are starting from scratch to set up SMTP-AUTH. How would I go about setting this up on an ISPConfig system?

till
19th April 2007, 10:41
That is not the best howto for your ISPConfig server. Please configure your server as described in the perfect setup howto for your Linux distribution.

tristanlee85
19th April 2007, 20:00
I did. I followed the Fedora Core 5 64-bit (even though I'm 32-bit) without issues. It says to see if everything is good, telnet to the SMTP server.

[tristan@localhost ~]$ telnet 192.168.1.130 25
Trying 192.168.1.130...
Connected to 192.168.1.130 (192.168.1.130).
Escape character is '^]'.
220 server.vasceria.com ESMTP Postfix
ehlo testing
250-server.vasceria.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME


I am assuming that I should have to enter in a username/password to send mail out, correct? I'm resorting to this because I can't seem to find any other way to block people from using me as a relay.

till
19th April 2007, 20:24
Please use this tool to check if your server allows relaying:

http://www.abuse.net/relay.html

tristanlee85
19th April 2007, 20:51
I think Falko gave me the link to that in the past and the results show that I'm good.

Connecting to www.plastikracing.net for anonymous test ...

<<< 220 server.vasceria.com ESMTP Postfix
>>> HELO www.abuse.net
<<< 250 server.vasceria.com
Relay test 1
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest@abuse.net>
<<< 250 Ok
>>> RCPT TO:<securitytest@abuse.net>
<<< 554 <securitytest@abuse.net>: Relay access denied
Relay test 2
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest>
<<< 250 Ok
>>> RCPT TO:<securitytest@abuse.net>
<<< 554 <securitytest@abuse.net>: Relay access denied
Relay test 3
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<>
<<< 250 Ok
>>> RCPT TO:<securitytest@abuse.net>
<<< 554 <securitytest@abuse.net>: Relay access denied
Relay test 4
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest@plastikracing.net>
<<< 250 Ok
>>> RCPT TO:<securitytest@abuse.net>
<<< 554 <securitytest@abuse.net>: Relay access denied
Relay test 5
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest@[24.95.42.77]>
<<< 250 Ok
>>> RCPT TO:<securitytest@abuse.net>
<<< 554 <securitytest@abuse.net>: Relay access denied
Relay test 6
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest@plastikracing.net>
<<< 250 Ok
>>> RCPT TO:<securitytest%abuse.net@plastikracing.net>
<<< 554 <securitytest%abuse.net@plastikracing.net>: Relay access denied
Relay test 7
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest@plastikracing.net>
<<< 250 Ok
>>> RCPT TO:<securitytest%abuse.net@[24.95.42.77]>
<<< 554 <securitytest%abuse.net@[24.95.42.77]>: Relay access denied
Relay test 8
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest@plastikracing.net>
<<< 250 Ok
>>> RCPT TO:<"securitytest@abuse.net">
<<< 554 <securitytest@abuse.net>: Relay access denied
Relay test 9
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest@plastikracing.net>
<<< 250 Ok
>>> RCPT TO:<"securitytest%abuse.net">
<<< 554 <securitytest%abuse.net>: Relay access denied
Relay test 10
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest@plastikracing.net>
<<< 250 Ok
>>> RCPT TO:<securitytest@abuse.net@plastikracing.net>
<<< 554 <securitytest@abuse.net@plastikracing.net>: Relay access denied
Relay test 11
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest@plastikracing.net>
<<< 250 Ok
>>> RCPT TO:<"securitytest@abuse.net"@plastikracing.net>
<<< 554 <securitytest@abuse.net@plastikracing.net>: Relay access denied
Relay test 12
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest@plastikracing.net>
<<< 250 Ok
>>> RCPT TO:<securitytest@abuse.net@[24.95.42.77]>
<<< 554 <securitytest@abuse.net@[24.95.42.77]>: Relay access denied
Relay test 13
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest@plastikracing.net>
<<< 250 Ok
>>> RCPT TO:<@plastikracing.net:securitytest@abuse.net>
<<< 554 <securitytest@abuse.net>: Relay access denied
Relay test 14
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest@plastikracing.net>
<<< 250 Ok
>>> RCPT TO:<@[24.95.42.77]:securitytest@abuse.net>
<<< 554 <securitytest@abuse.net>: Relay access denied
Relay test 15
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest@plastikracing.net>
<<< 250 Ok
>>> RCPT TO:<abuse.net!securitytest>
<<< 554 <abuse.net!securitytest>: Relay access denied
Relay test 16
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest@plastikracing.net>
<<< 250 Ok
>>> RCPT TO:<abuse.net!securitytest@plastikracing.net>
<<< 554 <abuse.net!securitytest@plastikracing.net>: Relay access denied
Relay test 17
>>> RSET
<<< 250 Ok
>>> MAIL FROM:<spamtest@plastikracing.net>
<<< 250 Ok
>>> RCPT TO:<abuse.net!securitytest@[24.95.42.77]>
<<< 554 <abuse.net!securitytest@[24.95.42.77]>: Relay access denied
Relay test result
All tests performed, no relays accepted.

Yet people are still using me to spam fake eBay e-mails. Road Runner only allows sending up to 1000 e-mails a day and if I get spammed, my limit is reached instantly and I can't send mail for another 24 hours.

falko
20th April 2007, 14:59
Well, this might mean that you have a vulnerable contact form/guestbook/whatever in one or more of your web sites that can be abused by spammers... :(

tristanlee85
20th April 2007, 20:25
The only form I have is at the bottom of my forums.

http://forums.plastikracing.net/index.php

The mail is sent to me, and it'd be hard to spam with the image verification.

falko
21st April 2007, 14:14
"and it'd be hard to spam with the image verification."

Well, it's possible for spam bots nowadays to crack the captchas... :(

tristanlee85
21st April 2007, 17:49
Could be, but they can't specify where to send the e-mail in that form. Anything entered in that form goes to phpbb@plastikracing.net.

falko
23rd April 2007, 00:22
There's a problem with PHP's mail() function: it doesn't check if there are linebreaks in the parameters that you pass to it. Maybe that makes your contact form vulnerable.
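
Added example, not part of falko's post or of the forum software discussed in the thread: a PHP check that rejects line breaks in form values before they are placed in a mail header, which is the validation the last post says mail() does not perform. The helper names has_header_break and build_contact_mail, the form field names and the sample inputs are assumptions made for illustration; the recipient address is the one mentioned in the thread.

```php
<?php
// Added example: validate contact-form values before they reach mail().
// Helper names and form fields are hypothetical; sample inputs are constructed.

const FORM_RECIPIENT = 'phpbb@plastikracing.net'; // fixed recipient named in the thread

/** True if the value contains CR, LF or NUL and could therefore start a new header line. */
function has_header_break(string $value): bool
{
    return preg_match('/[\r\n\x00]/', $value) === 1;
}

/**
 * Check the form fields and build the argument list for mail().
 * Returns null when a value destined for a header is unsafe.
 */
function build_contact_mail(string $fromEmail, string $subject, string $body): ?array
{
    // Subject and the visitor's address both end up in headers: no line breaks allowed.
    foreach ([$fromEmail, $subject] as $headerValue) {
        if (has_header_break($headerValue)) {
            return null;
        }
    }
    // The address must also be a syntactically valid single mailbox.
    if (filter_var($fromEmail, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    // The body may legitimately contain line breaks; normalise them to CRLF.
    $body = preg_replace('/\r\n|\r|\n/', "\r\n", $body);
    // The visitor's address goes into Reply-To only; From stays under the site's control.
    $headers = 'From: ' . FORM_RECIPIENT . "\r\n" . 'Reply-To: ' . $fromEmail;
    return [FORM_RECIPIENT, $subject, $body, $headers];
}

// Constructed inputs: one clean submission, two with a line break in a header field.
$samples = [
    'clean'                 => ['visitor@example.com', 'Question', "Hello\nworld"],
    'line break in address' => ["visitor@example.com\r\nX-Added: constructed", 'Question', 'Hi'],
    'line break in subject' => ['visitor@example.com', "Question\nX-Added: constructed", 'Hi'],
];
foreach ($samples as $label => [$from, $subject, $body]) {
    $args = build_contact_mail($from, $subject, $body);
    echo $label, ': ', $args === null ? 'rejected' : 'accepted', PHP_EOL;
    // if ($args !== null) { mail(...$args); } // send only validated values
}
```

A fixed recipient does not help on its own if the visitor's name, address or subject is copied into a header unchecked, because a line break in any of those values lets the submitter append header lines of their own.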