It is your responsibility to ensure that your VPS is secure and is not breaking our terms and conditions or indeed any local laws in Australia. This includes SPAMming.
Please login to your server and investigate immediately.
You can also check your server reputation at http://www.senderbase.org/lookup/?search_string=18.104.22.168
If you have multiple IPs you should check them all.
At this time to prevent our network receiving a poor reputation we have blocked your outbound SMTP access, this means your VPS will not be able to deliver mail outbound.
For us to be able to remove this block you need to do the following:
1. Investigate your server to determine if it is SPAMming, this involves looking at the mail queues (if cPanel you can do this in WHM -> Mail Queues).
2. Investigate the mail in your mail queue to determine where the SPAM originates from (if cPanel in the Mail Queues you can view messages and determine what user is creating them)
3. Remove the offending script and disable the offending website where applicable.
4. If SMTP Authentication is being used, modify the password on the offending email account.
5. Restart your mail server and leave it for at least 12 hours to determine if any further mail is being queued.
6. Do NOT then reenable the offending website if applicable, this will simply reopen the vulnerability to the SPAMmer to reupload his script.
7. Ensure we have your root or administrator password.
8. Contact us and tell us exactly what you have done to rectify the problem and request us to reenable your SMTP outbound access.
9. We will then manually check your server to verify that you have done as requested. Providing all requirements have been met we will reenable your access.
1. Remove permanently all CUSTOM written plugins which have any ability to upload files or send mail.
2. Update your CMS and all Plugins to the latest versions.
3. Change passwords on ALL your CMS users (e.g. wordpress, joomla, drupal, magento etc.).
4. Change your cPanel password for that website account.
5. Ensure your email passwords are secure.
6. After re-enabling a previously hacked website monitor the mail queues closely over the next few days to ensure it does not start SPAMming again.
If you have any questions please contact Support. Identifying the cause of the SPAM is your responsibility. We can offer a service to attempt to determine the manner in which the SPAM is being sent and the user that is the cause, the cost for this is $60 + GST per 30 minutes and there is no guarantee on how long it will take. We do not offer website development to fix vulnerabilities as this is beyond our scope as a service provider, you would need to contact your developers to do this.
Please note, this is a serious issue, it breaks our terms and conditions of service, and in Australia breaks the law. It therefore needs to be dealt with as such.