Need help ASAP, compromised server?

[physikal]

I checked my Deferred email this am and I have like 4000 messages from an account info@domain.com. I deleted those 4k msgs then they just kept flooding in. This was not a problem last night. Any ideas where to look? I deleted the account in question.

All of the msgs were from one account (a generic account used for inquiries and such) and to massive amounts of random addresses.

Any help is appreciated.

[ArcaneMagus]

Sounds like the password for that account got cracked and it was used to send out spam until you stopped it.

Other then increasing security on generic accounts like that (if a user doesn't need to log into it then use a super long password), there isn't too much that I can think of to do.

[uxbod]

Did you check the headers to see whether they were actually being sent from your server; as they may have been backscatter.