Exim mainlog meaning of the auth_relay log line

In /var/log/exim/mainlog was two lines related to my hosting account with username "user" and account domain "domain.net".
it is claimed to be related to SPAM and i want to ask if you can please explain in detail how to read these log lines so i can find exactly how the site is exploited by the spammer so i can fix this. Thank You

messageid1 ** me@gmail.com F=<user@domain.net> R=smart_route T=auth_relay H=smtp.mailchannels.net [52.35.171.68] X=TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256 CV=yes: SMTP error from remote mail server after end of data: 550 5.7.1 [SS] Blocked. See https://console.mailchannels.net/insights/bounce?auid=*&sender=user%40domain.net&txid=*

messageid2 ** me@gmail.com <mymailbox@domain.net> F=<dureotaraletnokoem@cox.net> R=smart_route T=auth_relay H=smtp.mailchannels.net [34.223.74.227] X=TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256 CV=yes: SMTP error from remote mail server after end of data: 550 5.7.1 [STFWRBL] Blocked. See https://console.mailchannels.net/insights/bounce?auid=*&sender=srs0%3Dnaob51%3Dyx%3Dcox.net%3Ddureotaraletnokoem%40domain.net&txid=*

Code (markup):

 

Are you using cPanel? If yes you can learn how to read it and understanding it here: https://forums.cpanel.net/resources/reading-and-understanding-the-exim-main_log.383/

 

>> SMTP error from remote mail server after end of data: 550 5.7.1 [SS] Blocked

From the above bounced error it appears the remote email server has detected an abuse originating from your email account.
The " 550 5.7.1 [SS]" error indicates that the subject line in this/these message(s) contained one or multiple spam-like keywords commonly used on abusive or unsolicited email which caused the remote email filter to block the email.

 

Thanks, another explanation of the:

messageid1 ** me@gmail.com F=<user@domain.net> R=smart_route T=auth_relay H=smtp.mailchannels.net [52.35.171.68] X=TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256 CV=yes: SMTP error from remote mail server after end of data: 550 5.7.1 [SS] Blocked. See https://console.mailchannels.net/insights/bounce?auid=*&sender=user@domain.net&txid=*

Code (markup):

here:

messageid1 : message id
** : delivery failed; address bounced
me@gmail.com : the destination email
F=<user@domain.net> : sender address
R=smart_route : the router name, here dynamic
T=auth_relay : not documented
H=smtp.mailchannels.net [52.35.171.68] : host name and IP (of the relay)
X=TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256 : TLS cipher suite (the way it was encrypted)
CV=yes : certificate verification status
SMTP error from remote mail server after end of data : error message
550 : SMTP error code
5.7.1 : Detailed error code
[SS] Blocked. See https://console.mailchannels.net/insights/bounce?auid=*&sender=user@domain.net&txid=* : the message provided by the server


So what's happening ? You Exim server tries to send a message to me@gmail.com from user@domain.net using an SMTP relay "mailchannels.net" but "mailchannels.net" didn't accept to forward the message because "Blocked".

Code (markup):

 

Since the bounced logs you have provided contains only limited information, for that reason it is not possible to provide a detailed explanation for that log.

As mentioned earlier the relay server, smtp.mailchannels.net has blocked the message with an error " 550 5.7.1 [SS]", you may need to check this with mailchannels.net and collect the exact logs from their filter system and it will explain a bit more.