mailer-daemon sending email, server has been spofed?

[p_nyet]

My zimbra version:
Release 6.0.2_GA_1912.RHEL5_20091020185714 CentOS5 FOSS edition.

My server trying to sending email with using mail-daemon as sender to some one [not local user], and this is queue message:

Code:

Sender: mailer-daemon
From host: localhost.localdomain
From domain: 
From IP: 127.0.0.1
Recepients: anon@xx.com
To domain:
Content filter:

possible my server has been spoofed? how to fixed?
Please advise....

[phoenix]

Quote:

Originally Posted by p_nyet

My server trying to sending email with using mail-daemon as sender to some one [not local user], and this is queue message:

Sitting in the queue does not mean that it's been sent anywhere. Is there just one message or more than one?

Quote:

Originally Posted by p_nyet

possible my server has been spoofed? how to fixed?
Please advise....

What errors do you see in the log files that relate to these messages?

[p_nyet]

Quote:

Originally Posted by phoenix

Sitting in the queue does not mean that it's been sent anywhere. Is there just one message or more than one?

Two messages, and can't sent to recepients because network connections time out.

What errors do you see in the log files that relate to these messages?

I don't get any error here..

Please advise.....

[phoenix]

Quote:

Originally Posted by p_nyet

I don't get any error here..

You must have some information in the logs about that message, what do you see and what about the other part of my question?

[p_nyet]

Bill,
Thanks for your advise..

There is message log:

Nov 9 20:03:57 MAIL amavis[1283]: (01283-11) SEND via SMTP: <> -> <acceleratingkl34@orses.com>,ENVID=AM..20091109T13 0357Z@mail.mycompany.com 250 2.0.0 Ok, id=01283-11, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 14BC4AF0006
Nov 9 20:03:57 MAIL amavis[1283]: (01283-11) Blocked BANNED (.exe,.exe-ms,WU_Details_5a41d.exe), [201.252.108.128] [201.252.108.128] <acceleratingkl34@orses.com> -> <myuser@mycompany.com>, quarantine: banned-Lsi1Ju3kqjkP, Message-ID: <000d01ca613b$ff04f480$6400a8c0@acceleratingkl34 >, mail_id: Lsi1Ju3kqjkP, Hits: -, size: 32806, 150 ms
Nov 9 20:03:57 MAIL postfix/smtp[10051]: B74D8AF0001: to=<myuser@mycompany.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=11, delays=11/0/0/0.15, dsn=2.5.0, status=sent (250 2.5.0 Ok, id=01283-11, BOUNCE)
Nov 9 20:03:57 MAIL postfix/qmgr[368]: B74D8AF0001: removed
Nov 9 20:03:57 MAIL postfix/lmtp[8785]: 0DD89AF0002: to=<postmaster@mycompany.com>, relay=mail.mycompany.com[202.1.2.100]:7025, delay=0.06, delays=0.01/0/0/0.05, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
Nov 9 20:03:57 MAIL postfix/qmgr[368]: 0DD89AF0002: removed
Nov 9 20:03:57 MAIL postfix/lmtp[14591]: 1172BAF0003: to=<myuser@mycompany.com>, relay=mail.mycompany.com[202.1.2.100]:7025, delay=0.07, delays=0/0/0/0.06, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
Nov 9 20:03:57 MAIL postfix/qmgr[368]: 1172BAF0003: removed
Nov 9 20:03:58 MAIL postfix/smtp[14594]: connect to mx.quigibo.com[67.15.76.50]:25: Connection refused
Nov 9 20:03:58 MAIL postfix/smtp[14594]: 14BC4AF0006: to=<acceleratingkl34@orses.com>, relay=none, delay=1.1, delays=0.01/0/1.1/0, dsn=4.4.1, status=deferred (connect to mx.quigibo.com[67.15.76.50]:25: Connection refused)
Nov 9 20:03:58 MAIL postfix/smtpd[8777]: disconnect from host128.201-252-108.telecom.net.ar[201.252.108.128]


Sitting in the queue does not mean that it's been sent anywhere. Is there just one message or more than one?
Two messages, and can't sent to recepients because network connections time out.