I am using IPCOP as my firewall and Blue Centos as my mail Server. I have two external IPs for my MX records for my domain. The first IP is 184.108.40.206 and the other is used as my reverse DNS entry which is 220.127.116.11. My mail server is in the green network and I have port forwarding in IPCOP which points to the mail server.
A couple days ago I started getting alot of spam from my network which I thought was due to a clients computer infected but after a lot of testing with wireshark I ruled that out as I could not find the machine. I did block port 25 in ipcop by editing the rc.firewall.local.
After some research I came to find out that my reverse dns entry (18.104.22.168) is an open relay. I just don't know how to close this relay. I would greatly appreciate the help.