I am running a standard SuSE v10 installation with all patches current. This is a home machine which is used as a http, ftp, name, and mail server. This machine was also my main firewall/router box as well. Recently I began to notice a lot of internet activity with this machine so I checked /var/log/firewall. This showed that I was being flooded with repeated (and denied) requests from 4 different ip addresses. I then purchased a small firewall appliance and moved the server box behind the appliance. The firewall appliance is set to allow http, ftp, mail, and pop3 to the server machine only. At the time I thought this was the end of the story.
I am now beginning to receive spam emails from my own server address, such as email@example.com, firstname.lastname@example.org, or most recently from my mailer daemon - email@example.com. Was their hack attempt successful or is this a trick that spammers have? How can I check to see what damage they have done? All of the spam emails are for the same product http://www.emailadvertisingagency.org/.
I am using apache for the webserver and sendmail for my mail server. I almost always have ftp turned off and use qpopper for pop3. Any suggestions will be appreciated.