Someone send email from my exim server..

[batoo]

I noticed that one of my users which is my real life friend send to much emails. I have made daily limit, 200 mails per day but he exceed the limit. I have Exim Logs in my Webmin, so as i can see someone is sending mails to yahoo,gmail etc...

He send emails from root email, that email when account is created. I cannot change password or delete that email, however i tried to change password of account but still no changes...

Can anyone tell me how i can solve this problem because as i can see, someone is using this user for email campaign...

 

[zEitEr]

Probably your server or account of friend of yours is compromised. Anyway if you are neither a Directadmin user nor an administrator of a server with Directadmin, you are for sure on wrong forum. And even though you might want to hire somebody from these forums to help you.

 

[batoo]

Im an amateur administrator of a server with licensed directadmin

 

[zEitEr]

Your message is too ambiguous, so it's hard to give you any detailed answer.
Though make sure, you've got the latest versions of exim.pl and exim.conf http://help.directadmin.com/item.php?id=51
Make sure, that daily limits are properly installed http://help.directadmin.com/item.php?id=81
Read logs, as without information from them is almost impossible to say anything, you might want use:

# eximstats /var/log/exim/mainlog

# exigrep <search_string> /var/log/exim/mainlog

Scan homedirs with antivirus and Linux Malware Detect, check your server with rkhunter.