I received an email throug the help desk of my website mentioning that she received spam emalls from my server. I instantly logged into WHM to see what was happening.. and much to my surprise.. there are currently 1482177 messages in the mail queue. I never sent this amount of emails to anyone.. heck I don't even know who these people are.. The content of one email is: I've removed my domain name for security purposes here.. Now I am trying to delete these messages from the server through WHM. Also, I've informed my host since it's a managed vps. What should be the next step? I've no idea how these spammers managed to access my mail system.. though I highly doubt that it is due to the "send to friend" script integrated into wordpress. I'd really appreciate if you could guide me eliminating these issues from the server.
Google 'open relays' or 'test open relays'. There are ways to test externally if your server is an open relay. This basically means your server bounces email from other servers. More likely however, is that you've got a program that's wide open that's being hacked. It may not be the wordpress program you mention, but it's likely to be something like that. Any type of form you've got that sends an email (even if it's only sending email to you) can be vulnerable.
Some hackers had gained access to my cache directory (777 permissions) and they uploaded a malicious hacking script + this mail bombing one. Thankfully I got my hands on it before they could damage the database. It's phpbb this time again that's being exploited by some people. Crap! my server had 1.4 MILLION emails in the queue and these people listed the url of the file uploaded by them at various of their freely hosted websites. I've alerted my host, html & uploading features are turned off & I am collecting info on vbulletin to move over there.