Hi Guys, In the last 2 days I have recieved 'delivery status' failed email messages from one of my wordpress blogs. Today I recieved an email from my host saying that my site has been sending spam emails and if I don't fix it my account will be deleted. This was in the email my host sent me: Feedback-Type: abuse User-Agent: AOL SComp Version: 0.1 Received-Date: Fri, 29 Jul 2011 18:23:40 -0400 (EDT) Source-IP: xx.xx.xx.xx Reported-Domain: xx.awardspace.com Redacted-Address: redacted Redacted-Address: redacted@ I took the ip address and scanned the access logs, found entires with the same ip range. They were accessing the wp-cron.php file, as I have no know plugins that use it I have deleted it. I have changed the WP/email/FTP/database passwords and installed: Secure WordPress Firewall Login Lockdown I was also getting failed email messages from the gmail account that had a redirect setup to the email address above. Have changed the password on that account and removed the redirect. I worried that my other sites on the account might be comprised so, i', changing all the details from them too. Could really use some advice!