Am I hacked ?

[bas60]

My EFA Spam Filter says its processed 14.61Gb

I only have 6 domains with less than 10 users
2 more domains with 40 & 20 users each

Today...In the Outbound Mail Queue I see around 60-70 items ALL day

Most are like this ...

701481836 4338 Thu Jul 6 10:03:52 MAILER-DAEMON
(connect to mail.olabastt.co[69.197.181.186]:25: Connection refused)
offer@olabastt.co

7F4DE823F5 4452 Fri Jul 7 10:37:02 MAILER-DAEMON
(connect to mail.dealpartners.co[195.154.236.229]:25: Connection refused)
offer@dealpartners.co

is my filter Hacked !?

I checked with MXtoolbox - not an open relay.
Don't have the above domains

Any ideas welcome

[pdwalker]

What the message is saying is that it is refusing connections from your mail server.

Either that is because

a) your ip/ip block is blacklisted somehow and they are not accepting connections at all from your address (firewalled, blackholed)

b) those domains have invalid MX records and you are trying to send mail to a server that doesn't exist. (sometimes happens).

I just tried connecting to those ip addresses, and my connection was immediately closed on the first, and not responded to in the second, so it's not just you.

Also, are those messages in the queue valid? Did someone in your system send them, or are they junk messages that your system is somehow sending? View one of the messages and find out.

If the messages are legitimate valid, you should have delay notifications turned on so your system will notify the sender that the message hasn't been delivered yet.