My server is spamming, need help

My server has been sending out spam. I have been trying to figure this out for days but need some help. I've run two rootkit checkers and found no infections. The mail seems to be coming from localhost, so I suspect it may be coming through an online form or something. An example is below. There was so much activity that it was hard to tell if it was only one site or not. The example shows it is from JerryLibbin.com, for which I have mail set up on Google Apps, not on my server. I even shut the site down completely and I still have things coming through. In addition to the example spam email, I have lots of lines in my mail log like the following. Can anyone help me?

Example Mail Log Entry

Oct 13 17:57:46 host2 postfix/smtp[30597]: 633E28604: to=<jerry@jerrylibbin.com>, relay=ASPMX.L.GOOGLE.com[2607:f8b0:4003:c02::1a]:25, conn_use=5, delay=4.4, delays=0.04/3.8/0.03/0.55, dsn=2.0.0, status=sent (250 2.0.0 OK 1350147343 r10si11720874obv.29)

An example mail:

Return-Path: <jerry@jerrylibbin.com>
Received: from [173.230.134.249] by usfamily.net
    (USFamily MTA v5/:PGplcnJ5QGplcnJ5bGliYmluLmNvbT48bmVhbGFuZHlAdXNmYW1pbHkubmV0Pg–)
    with SMTP id <20121008035248102162800014> for <nealandy@usfamily.net>;
    Mon, 08 Oct 2012 03:52:48 -0500 (CDT)
    (envelope-from jerry@jerrylibbin.com)
Received: from www.jerrylibbin.com (localhost [IPv6:::1])
    by host2.localdomain (Postfix) with ESMTP id BB2DF85B7
    for <nealandy@usfamily.net>; Mon, 8 Oct 2012 04:35:27 -0500 (EST)
Date: Mon, 8 Oct 2012 09:35:27 +0000
To: nealandy@usfamily.net
From: Jerry Libbin <jerry@jerrylibbin.com>
Subject: =?UTF-8?Q?Re-imbursment=E2=80=8F?=
Message-ID: <17945210edaded80a83bb9d89343d9ec@www.jerrylibbin.com>
X-Priority: 3
X-Mailer: PHPMailer 5.1 (phpmailer.sourceforge.net)
MIME-Version: 1.0
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable


Dear Friend

How are you today?

You may not understand why this mail came to you. We have been having series of meeting for the past 5 months which ended 2 days ago with the secretary to the African Union. I am Jerry David Libbin of AFRICAN UNION COMMISSION the Ecowas District Officer.

Please note that this email is to all the people that have been scammed in any part of the world, the AFRICAN UNION COMMISSION have agreed to compensate them with the sum of US$(800,000.00)

This includes every foreign contractors that may have not received their contract sum, and people that have had an unfinished transaction or international

businesses that failed due to Government problems etc.

We found your name in our list and that is why we are contacting you, these have been agreed upon and have been signed. You are advised to contact our paying center as they are our representative in Accra-Ghana, contact them immediately for your International Bank certified Draft of USD$800,000.00 This funds are in a Bank Draft for security purpose, so they will send it to you and you can clear it at any bank of your choice in your country or in any country of the world.

Therefore, you should send to Dr. Peter Kwame your full Name, your direct telephone number and your correct Postal Address where you want them to send the Certified Draft to you.

Contact Dr. Peter Kwame immediately to receive your compensation funds without any further delay, kindly contact him on listed contact information.

Dr. Peter Kwame

Financial Director

No. 72 Liberty Avenue. Ghana

Email: pkwame@yahoo.cn

We will request you to get back to this office as soon as you have received and confirmed your payment in your bank.

Making the world a better place.

Regards.

Jerry David Libbin

(For African Union Commission).

Addis Ababa, ETHIOPIA P. O. Box 3243


6 Replies

There is probably additional spam waiting in the outgoing queue. Run mailq to see a list of messages waiting to be delivered. postsuper -d ALL will delete all messages from the queue.

You can also enable the mail.add_x_header and mail.log settings in your php.ini file to track which scripts are sending out mail.

Might want to block outbound TCP25 until you get it sorted, otherwise you risk getting your IP blacklisted on numerous spam lists.

OBS,

Thanks for that tip. I already had mail.add_x_header enabled, but set up mail.log as well.

The sample spam above shows the following:

X-Mailer: PHPMailer 5.1 (phpmailer.sourceforge.net)

I can't tell if this mail came from my server or not, but there are relay lines of some kind in my maillog showing:

Oct 13 17:57:46 host2 postfix/smtp[30597]: 633E28604: to=<jerry@jerrylibbin.com>, relay=ASPMX.L.GOOGLE.com[2607:f8b0:4003:c02::1a]:25, conn_use=5, delay=4.4, delays=0.04/3.8/0.03/0.55, dsn=2.0.0, status=sent (250 2.0.0 OK 1350147343 r10si11720874obv.29)

Can anyone tell me what the above is? Is Google rerouting mail back through my server?

You'll want a few lines before that one to see the whole process. Here's an example of an email being sent out:

Oct 15 06:53:43 poseidon postfix/pickup[28501]: 9F1A2806E: uid=0 from=<root>
Oct 15 06:53:43 poseidon postfix/cleanup[13156]: 9F1A2806E: message-id=<20121015065343.9F1A2806E@poseidon.rwky.net>
Oct 15 06:53:43 poseidon postfix/qmgr[2538]: 9F1A2806E: from=<root@poseidon.rwky.net>, size=332, nrcpt=1 (queue active)
Oct 15 06:53:44 poseidon postfix/smtp[13158]: 9F1A2806E: to=<admin@rwky.net>, relay=ASPMX.L.GOOGLE.COM[173.194.64.27]:25, delay=0.59, delays=0.03/0.04/0.17/0.34, dsn=2.0.0, status=sent (250 2.0.0 OK 1350284024 d4si15692891obk.79)
Oct 15 06:53:44 poseidon postfix/qmgr[2538]: 9F1A2806E: removed

The line you posted is the email being sent from your server to a google account, the lines before that will tell you what user is sending it out.
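As an added example (not code from the thread), a small Python script that does the correlation OBS describes: it groups Postfix log lines by queue ID so a delivery line like the one above can be traced back to the pickup or smtpd line that shows who injected the message. The log lines below are constructed, with example.net/example.org hosts in place of the real ones; a message submitted locally shows its uid, while one handed in over SMTP from localhost (as PHPMailer does) shows the client.

```python
import re
from collections import defaultdict

# Constructed sample maillog (not from the thread), in the Postfix syslog format
# shown above: one message picked up locally from root, one received from localhost.
SAMPLE_LOG = """\
Oct 15 06:53:43 host2 postfix/pickup[28501]: 9F1A2806E: uid=0 from=<root>
Oct 15 06:53:43 host2 postfix/qmgr[2538]: 9F1A2806E: from=<root@host2.localdomain>, size=332, nrcpt=1 (queue active)
Oct 15 06:53:44 host2 postfix/smtp[13158]: 9F1A2806E: to=<admin@example.net>, relay=mx.example.net[192.0.2.10]:25, delay=0.59, delays=0.03/0.04/0.17/0.34, dsn=2.0.0, status=sent (250 2.0.0 OK)
Oct 15 06:53:44 host2 postfix/qmgr[2538]: 9F1A2806E: removed
Oct 15 07:01:10 host2 postfix/smtpd[13201]: BB2DF85B7: client=localhost[::1]
Oct 15 07:01:10 host2 postfix/qmgr[2538]: BB2DF85B7: from=<jerry@example.com>, size=2410, nrcpt=1 (queue active)
Oct 15 07:01:11 host2 postfix/smtp[13158]: BB2DF85B7: to=<nealandy@example.org>, relay=mx.example.org[198.51.100.5]:25, delay=1.1, delays=0.05/0.01/0.5/0.5, dsn=2.0.0, status=sent (250 OK)
Oct 15 07:01:11 host2 postfix/qmgr[2538]: BB2DF85B7: removed
"""
# syslog prefix, then "postfix/<program>[pid]: <queue id>: <rest>"
LINE_RE = re.compile(r"^\S+ +\d+ \S+ \S+ postfix/(?P<prog>\w+)\[\d+\]: "
                     r"(?P<qid>[0-9A-Za-z]+): (?P<rest>.*)$")

def correlate(log_text):
    """Group lines by queue ID and record, per message, how it entered the
    queue (pickup uid or smtpd client), its envelope sender and deliveries."""
    msgs = defaultdict(lambda: {"origin": None, "from": None, "to": []})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        prog, rest, entry = m.group("prog"), m.group("rest"), msgs[m.group("qid")]
        if prog == "pickup":                       # local sendmail(1)/PHP mail()
            entry["origin"] = "local " + rest      # e.g. "local uid=33 from=<www-data>"
        elif prog == "smtpd" and rest.startswith("client="):
            entry["origin"] = "smtp " + rest[7:]   # e.g. "smtp localhost[::1]"
        elif prog == "qmgr":
            fm = re.search(r"from=<([^>]*)>", rest)
            if fm:
                entry["from"] = fm.group(1)
        elif prog == "smtp":
            tm = re.search(r"to=<([^>]*)>.*status=(\w+)", rest)
            if tm:
                entry["to"].append((tm.group(1), tm.group(2)))
    return dict(msgs)

def origin_counts(msgs):
    """Messages per origin: an abused script shows up as one origin
    (the web server's uid, or localhost over SMTP) dominating the tally."""
    counts = defaultdict(int)
    for e in msgs.values():
        counts[e["origin"]] += 1
    return dict(counts)
```

Run it over a real /var/log/maillog and sort origin_counts() by count; the top entry is the user or client to investigate.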

Thanks OBS,

Yes, those mails were all going out to the google mail servers.

I found the problem. It was a "spread the word" form on one of my customer's sites, basically an invitation to spam with To:, From: and Body: fields. There was a captcha on there, but the spammers blew right through that somehow. I have removed the offending form and all is good again. But now I have some better tools installed on the server (thanks to all the suggestions) to troubleshoot the next problem that comes along.

Chris
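An added example, not from the thread or the customer's site: how a "spread the word" form can be rebuilt so it cannot be used as an anonymous relay. The visitor no longer controls From: or the raw body, recipients are capped and validated, and CR/LF in a header value is rejected. SITE_FROM, SITE_URL and the limits are assumed values, and the form is a plain dict as a web framework would hand it over.

```python
import re

# Constructed example values, not taken from the thread.
SITE_FROM = "noreply@example.com"   # fixed sender; the visitor never sets From:
SITE_URL = "https://www.example.com/article/42"
SUBJECT = "A friend thinks you might like this page"
MAX_RECIPIENTS = 3
MAX_NOTE_CHARS = 200
CRLF = re.compile(r"[\r\n]")
ADDRESS = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")
URLISH = re.compile(r"(https?://|www\.)", re.IGNORECASE)

class RejectedSubmission(ValueError):
    """Raised when a form post must not produce any mail at all."""

def build_share_mail(form, client_ip):
    """Map a 'spread the word' POST to mail parameters the site controls.

    Visitors only choose a capped list of recipients and a short note that is
    dropped into a fixed template; From:, Subject: and the link are ours, so
    the form cannot serve as an anonymous relay the way the open one did."""
    recipients = [a.strip() for a in form.get("to", "").split(",") if a.strip()]
    note = form.get("note", "").strip()
    if not 1 <= len(recipients) <= MAX_RECIPIENTS:
        raise RejectedSubmission("recipient count out of range")
    for addr in recipients:
        # A CR/LF inside a header value is how mail() callers get extra
        # To:/Bcc: lines injected; reject rather than try to clean it.
        if CRLF.search(addr) or not ADDRESS.match(addr):
            raise RejectedSubmission("bad recipient address: %r" % addr)
    if len(note) > MAX_NOTE_CHARS or URLISH.search(note):
        raise RejectedSubmission("note too long or contains a link")
    body = ("Someone thought you would like this page:\n%s\n\n"
            "Their note:\n%s\n" % (SITE_URL, note or "(none)"))
    return {
        "to": recipients,
        "from": SITE_FROM,
        "reply_to": SITE_FROM,
        "subject": SUBJECT,
        "body": body,
        # Tag each message with the submitting client so an abused form can be
        # traced from the spam itself, much like PHP's mail.add_x_header.
        "headers": {"X-Share-Form-Client": CRLF.sub("", client_ip)},
    }
```

Pair this with per-client rate limiting and the captcha; the captcha alone did not hold in the case above.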
