I have a centOS 6 server, with DirectAdmin as the management panel and Exim as the mail server. In usage directory files (/etc/virtual/usage/) I can see that some emails have been sent from users that don't exist in my mail users. The IP address 114.222.66.5 does not belong to the server. Here's the file content about sending emails:
716=type=email&email=beverlylau@domain.com&method=outgoing&id=1jYFCt-0000sT-OQ&authenticated_id=realuser@domain.com&sender_host_address=114.222.66.5&log_time=1589229565&message_size=716&local_part=janis.shampay&domain=reed.edu&path=/
677=type=email&email=andyfield@domain.com&method=outgoing&id=1jYFCw-0000sT-EC&authenticated_id=realuser@domain.com&sender_host_address=114.222.66.5&log_time=1589229566&message_size=677&local_part=hal&domain=miamihal.com&path=/
693=type=email&email=candyplk@domain.com&method=outgoing&id=1jYFCx-0000sT-CX&authenticated_id=realuser@domain.com&sender_host_address=114.222.66.5&log_time=1589229567&message_size=693&local_part=lohriner&domain=gmail.com&path=/
728=type=email&email=anwilknson@domain.com&method=outgoing&id=1jYFCy-0000sT-AD&authenticated_id=realuser@domain.com&sender_host_address=114.222.66.5&log_time=1589229569&message_size=728&local_part=donna.triboletti&domain=gmail.com&path=/
726=type=email&email=ccrosslnd@domain.com&method=outgoing&id=1jYFCz-0000sT-LF&authenticated_id=realuser@domain.com&sender_host_address=114.222.66.5&log_time=1589229570&message_size=726&local_part=jlljdy&domain=comcast.net&path=/
706=type=email&email=ccolbystreeter@domain.com&method=outgoing&id=1jYFD0-0000sT-I0&authenticated_id=realuser@domain.com&sender_host_address=114.222.66.5&log_time=1589229571&message_size=706&local_part=vocals1&domain=live.com&path=/
12840=type=email&email=alireza@domain.com&method=incoming&log_time=1589233327&id=1jYGBb-0002mm-Ai&path=/
15734=type=email&email=info@domain.ir&method=incoming&log_time=1589254173&id=1jYLbl-0003Ed-Jw&path=/
Can anybody tell me what's going on and how I can prevent this?
