spam warning

Today I was sent a spam complaint from a certain company. They said spam was originating from my servers IP. Is it possible for someone to fake a header and put our servers IP into it?

Received: from mail.avsvc.co.kr ([61.37.195.131]) by webserver.imminc.com (Post.Office MTA v3.5.3 release 223 ID# 0-59098U400L2S100V35) with ESMTP id com for <harryk@imminc.com>; Thu, 3 Jul 2003 11:39:32 -0400
Received: from inbound.excite.co.jp.criticalpath.net (ns1.hostonic.com [207.44.212.104]) by mail.avsvc.co.kr (8.11.3/8.11.3) with ESMTP id h63FpqE23267; Fri, 4 Jul 2003 00:51:52 +0900
Date: Fri, 4 Jul 2003 00:51:52 +0900

I looked in my server logs and found this for the top 3 senders.
6306 70906010 root
5974 17869939 sliknull
3785 1819855 nobody
Is root suppose to send out that many emails or could it be one of the accounts distributing the emails. Sliknull is a user do you think I should delete his account? That is a lot of emails being sent, I suspect he could be the spammer.


Thanks in advanced.

 

 

 

 

Top