How Can I Trace the Origin of Outbound Spam Mail in Mavericks Server?

macos email spam smtp osx-server

My Mavericks Server mail server has been compromised and has been sending reams of Nigerian royalty scam emails out. Where can I find log files which will enable me to track down the IP address these messages originated from (in case their is a machine with an infection on my network) and which credentials are being used to authenticate to the SMTP server?


Solution 1:

You should be able to find that Information in /var/log/Mail.log and some more in /var/log/system.log.

Related

Custom keyboard shortcuts/mapping
Tell application screen is not zoomed
Keeping column width in Finder
9,1 iMac GPU upgrade
Auto-complete to multiple possible file extensions
Black screen with dual monitors (10.9.3)
Installing Mavericks via Terminal
Mavericks, Minecraft, Mods and Parental Controls
Is repeatedly reading a drive harmful?
Can Apple Motion export with alpha to bring into iMovie?
How can I get my AppleScript code to move files?
Wikis on OS X Server - How do I include or embed content from one wiki page on another?