question on smtp AUTH

[jdow]

From: "John Levine" <johnl at iecc.com>

> >I am wondering about the possibility of someone using a working login
>>and password to send spam through my server. So here is my question;
> 
> That's depressingly common.  Look for abandoned or unused accounts
> like guest/guest.

www at 3s1.com - that causes me to wonder if you have a hacked web server
php script that is doing the sending.

{^_^}    Joanne