Detectar spambot no Ubuntu 12 TLS

Recentemente, descobri no meu registro de e-mail que há uma enorme quantidade de spam sendo enviado do meu servidor doméstico. Estou correndo sem sites, apenas zpanel. Fechei todas as portas e estou monitorando o mail.logarquivo.

As entradas são assim:

Jul 26 13:47:37 icarus postfix/smtp[19418]: EE28911C345A: to=<[email protected]>, relay=none, delay=29791, delays=29761/0.07/31/0, dsn=4.4.1, status=deferred (connect to inbound.juliegarwood.com.netsolmail.net[206.188.198.64]:25: Connection timed out)
Jul 26 13:47:37 icarus postfix/smtp[19438]: connect to mx2.comcast.net[76.96.40.147]:25: Connection timed out
Jul 26 13:47:37 icarus postfix/smtp[19438]: connect to mx1.comcast.net[2001:558:fe14:70::22]:25: Network is unreachable
Jul 26 13:47:37 icarus postfix/smtp[19438]: connect to mx2.comcast.net[2001:558:fe2d:70::22]:25: Network is unreachable
Jul 26 13:47:37 icarus postfix/smtp[19423]: connect to extmail.bigpond.com[61.9.189.122]:25: Connection timed out
Jul 26 13:47:37 icarus postfix/smtp[19430]: connect to extmail.bigpond.com[61.9.168.122]:25: Connection timed out
Jul 26 13:47:39 icarus postfix/smtp[19420]: connect to mail.manhattan.k12.ks.us[12.167.72.199]:25: Connection timed out
Jul 26 13:47:40 icarus postfix/smtp[19420]: ECD7711C3348: to=<[email protected]>, relay=none, delay=34075, delays=34042/0.08/33/0, dsn=4.4.1, status=deferred (connect to mail.manhattan.k12.ks.us[12.167.72.199]:25: Connection timed out)

Quais são algumas maneiras de rastrear a causa disso?