
Last night I saw many undelivered-mail messages, but I have not sent any messages. I have only one site live on it.

Is there any way to find out more details about it? I don't know where to start.

These are the reject logs from exim:

2013-03-01 03:27:31 H=114-42-128-4.dynamic.hinet.net (125.214.75.163) [114.42.128.4]:4227 rejected MAIL <z2007tw@yahoo.com.tw>: Access denied - Invalid HELO name (See RFC2821 4.1.3)
2013-03-01 05:13:10 H=(gyrvpwe.com) [27.41.134.95]:4702 F=<gpgjouczsr@gmail.com> rejected RCPT <vqvgb8924@yahoo.com.tw>: Please turn on SMTP Authentication in your mail client, or login to the IMAP/POP3 server before sending your message.  (gyrvpwe.com) [27.41.134.95]:4702 is not permitted to relay through this server without authentication.
2013-03-01 09:37:20 courier_plain authenticator failed for localhost [127.0.0.1]:53728: 435 Unable to authenticate at present (set_id=__cpanel__service__auth__exim__DTGm12zHmcIhHGj1OI5GgfzrB5j7sk5UEyxNaYj7UqGFGstIMLklIjsIMYvPpAIt): failed to connect to socket /var/spool/authdaemon/socket: Connection refused inside "and{...}" condition

These are a few of the logs from /var/log/messages:

Mar  1 05:13:03 cpanel named[1442]: network unreachable resolving 'ns4.apnic.net/A/IN': 2001:dc0:4001:1:0:1836:0:140#53
Mar  1 05:13:04 cpanel named[1442]: network unreachable resolving 'tinnie.apnic.net/AAAA/IN': 2001:dc0:2001:0:4608::25#53
Mar  1 05:13:08 cpanel named[1442]: network unreachable resolving 'yahoo.com.tw/MX/IN': 2001:b000:168::1:c:10#53
Mar  1 05:57:45 cpanel named[1442]: network unreachable resolving 'colorado.edu/NS/IN': 2001:503:cc2c::2:36#53
Mar  1 06:15:02 cpanel named[1442]: network unreachable resolving 'httpupdate.cpanel.net/A/IN': 2001:503:a83e::2:30#53
Mar  1 06:15:02 cpanel named[1442]: network unreachable resolving 'httpupdate.cpanel.net/A/IN': 2001:503:231d::2:30#53
Mar  1 06:15:02 cpanel named[1442]: network unreachable resolving 'httpupdate.cpanel.net/A/IN': 2620:0:28a0:1528::3:1#53
Mar  1 06:27:51 cpanel named[1442]: network unreachable resolving 'akamai.com/NS/IN': 2600:1406:1b::64#53
Mar  1 07:28:03 cpanel named[1442]: network unreachable resolving 'mit.edu/NS/IN': 2001:503:cc2c::2:36#53
Mar  1 08:18:15 cpanel named[1442]: network unreachable resolving 'comcast.net/NS/IN': 2001:558:fe23:8:69:252:250:103#53
Mar  1 08:18:19 cpanel named[1442]: network unreachable resolving 'comcast.net/NS/IN': 2001:558:100a:5:68:87:68:244#53
Mar  1 08:18:19 cpanel named[1442]: network unreachable resolving 'comcast.net/NS/IN': 2001:558:100e:5:68:87:72:244#53
Mar  1 08:34:46 cpanel named[1442]: network unreachable resolving 'ns1.my.smartdns.net.au/A/IN': 2001:500:856e::6:34#53
Mar  1 08:34:47 cpanel named[1442]: network unreachable resolving 'hotmail.com/MX/IN': 2a01:111:2005::1:1#53
Mar  1 08:34:47 cpanel named[1442]: network unreachable resolving 'hotmail.com/MX/IN': 2a01:111:2006:6::1:1#53
Mar  1 08:34:47 cpanel named[1442]: network unreachable resolving 'clearfieldjeffersonredcross.org/MX/IN': 2001:500:f::1#53
Mar  1 08:34:47 cpanel named[1442]: network unreachable resolving 'clearfieldjeffersonredcross.org/MX/IN': 2001:500:b::1#53
Mar  1 08:34:47 cpanel named[1442]: network unreachable resolving 'msn.com/MX/IN': 2a01:111:2020::1:1#53
user75380

1 Answer


It has the look that you're either an open SMTP relay or, more likely, you've got software running on the server that is trying to send spam. If I had to guess, I'd suspect that your machine has been compromised.

I'd say you're in for restoring from known-clean backups or rebuilding the machine from the ground up.

Evan Anderson
  • How can I check whether I have an open SMTP relay? – user75380 Mar 01 '13 at 01:45
  • Which log files can I check to see what could have happened? – user75380 Mar 01 '13 at 01:53
  • There's some discussion on Server Fault about detecting open relays: http://serverfault.com/questions/358695/how-to-find-out-that-smtp-server-is-in-open-relay It sounds like you're above your level of expertise, though, and you'd probably better get some help from someone more experienced. Incident response, assuming you have been compromised, isn't something you can just be talked through. – Evan Anderson Mar 01 '13 at 02:56
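As a starting point for the "which log files" question, here is an added example (not code from the question or the answer) that summarises exim rejectlog lines of the shapes quoted above by client IP and reject reason; the sample input is constructed from the three lines in the question, and the cPanel log path /var/log/exim_rejectlog mentioned in the comments is an assumption about the asker's setup.

```python
import re
from collections import Counter, defaultdict

# Two rejectlog shapes seen in the question: H= is the reverse-DNS name (the HELO follows in
# parentheses if it differs) and the client IP is in brackets; authenticator failures have no H=.
REJECT_RE = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d H=(?P<host>\S+(?: \([^)]*\))?) \[(?P<ip>[^\]]+)\]:\d+ "
    r".*?rejected (?P<stage>MAIL|RCPT) <[^>]*>: (?P<reason>.*)$")
AUTH_RE = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d \S+ authenticator failed for \S+ \[(?P<ip>[^\]]+)\]:\d+: (?P<reason>.*)$")

# Sample input constructed from the three reject lines in the question (set_id replaced by a placeholder).
SAMPLE_LOG = [
    "2013-03-01 03:27:31 H=114-42-128-4.dynamic.hinet.net (125.214.75.163) [114.42.128.4]:4227 "
    "rejected MAIL <z2007tw@yahoo.com.tw>: Access denied - Invalid HELO name (See RFC2821 4.1.3)",
    "2013-03-01 05:13:10 H=(gyrvpwe.com) [27.41.134.95]:4702 F=<gpgjouczsr@gmail.com> rejected RCPT "
    "<vqvgb8924@yahoo.com.tw>: Please turn on SMTP Authentication in your mail client, or login to the "
    "IMAP/POP3 server before sending your message.  (gyrvpwe.com) [27.41.134.95]:4702 is not permitted "
    "to relay through this server without authentication.",
    "2013-03-01 09:37:20 courier_plain authenticator failed for localhost [127.0.0.1]:53728: 435 Unable to "
    "authenticate at present (set_id=PLACEHOLDER): failed to connect to socket /var/spool/authdaemon/socket: Connection refused",
]

def classify(reason):
    # Coarse category for the free-text reason; anything that lands in "other" deserves a manual look.
    if "Invalid HELO" in reason:
        return "invalid_helo"
    if "not permitted to relay" in reason:
        return "relay_denied"
    return "other"

def parse_line(line):
    # Returns (client_ip, category) for a recognised line, else None.
    m = REJECT_RE.match(line)
    if m:
        return m.group("ip"), classify(m.group("reason"))
    m = AUTH_RE.match(line)
    return (m.group("ip"), "auth_failure") if m else None

def summarise(lines):
    # Counts per category and per client IP; on a cPanel box feed it open("/var/log/exim_rejectlog").
    by_cat, by_ip, unparsed = Counter(), defaultdict(Counter), 0
    for line in lines:
        parsed = parse_line(line.rstrip("\n"))
        if parsed is None:
            unparsed += 1  # counted rather than silently dropped, so new line shapes are noticed
            continue
        by_cat[parsed[1]] += 1
        by_ip[parsed[0]][parsed[1]] += 1
    return {"by_category": dict(by_cat), "by_ip": {ip: dict(c) for ip, c in by_ip.items()}, "unparsed": unparsed}
```

Lines categorised relay_denied show the server refusing unauthenticated relay, which is what a closed relay should do; a message the server actually accepted is recorded in the mainlog (/var/log/exim_mainlog on cPanel) as a `<=` arrival line, so that is where to look for mail generated by software on the server itself.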