I am running ISPCONFIG3 on a Debian Wheezy server and we had a Joomla website hacked which has resulted in spam going out from a user firstname.lastname@example.org
(maggie.backed-up.net is the mail server) I have blacklisted this user and disabled it in main.cf
authorized_submit_users = !web53, static:anyone
I cannot find out how the spam is being sent and we are being blacklisted by more and more servers. I have checked for open relay and it OK
Telnet on port 25 gives
root@millhouse:/home/dave# telnet 22.214.171.124 25
Connected to 126.96.36.199.
Escape character is '^]'.
220 maggie.backed-up.net ESMTP Postfix (Debian/GNU)
250-AUTH LOGIN PLAIN
Any ideas where I go from here, we have a load of users now not getting emails.