centrino

I really need some help on this. I am running a SMTP virtual server on Windows 2003 Server IIS. I have a web application (.NET or Java) that use the service to send emails. This server is on the internet. I found other people uses my server to send spam emails out. Can anyone tell me how to prevent this? I have the following configuration properties on my SMTP server. - Access Authentication : Anonymous access Connection: only the list below 127.0.0.1 Relay: only the list below 127.0.0.1 (UNcheck allow all computer which successfully authenticate to relay..) - Delivery Outbound Security : Anonymous access Here are some logs extracted: (Only the first 1 from 127.0.0.1 come from my application) 2006-01-05 14:08:26 127.0.0.1 HELO 250 2006-01-05 14:08:26 127.0.0.1 MAIL 250 2006-01-05 14:08:26 127.0.0.1 RCPT 250 2006-01-05 14:08:26 127.0.0.1 DATA 250 2006-01-05 14:08:26 127.0.0.1 QUIT 240 2006-01-05 14:08:26 64.233.163.114 - 0 2006-01-05 14:08:26 64.233.163.114 EHLO 0 2006-01-05 14:08:26 64.233.163.114 - 0 2006-01-05 14:08:26 64.233.163.114 MAIL 0 2006-01-05 14:08:27 64.233.163.114 - 0 2006-01-05 14:08:27 64.233.163.114 RCPT 0 2006-01-05 14:08:27 64.233.163.114 - 0 2006-01-05 14:08:27 64.233.163.114 DATA 0 2006-01-05 14:08:27 64.233.163.114 - 0 2006-01-05 14:08:29 64.233.163.114 - 0 2006-01-05 14:08:29 64.233.163.114 QUIT 0 2006-01-05 14:08:29 64.233.163.114 - 0 Please help!!!