
Is my mail server insecure?


Zoltan Orc
06-06-2002, 11:49 AM
I just got spam that seems to originate from my own mailserver, which simply isn't the case.

quote:
Return-Path: <contact@ravengames.com>
Received: from [202.58.54.170] ([202.58.54.170])
by ravengames.com (8.11.6/8.11.2) with SMTP id g52KWFq30064;
Sun, 2 Jun 2002 13:32:16 -0700
X-Authentication-Warning: ravengames.com: [202.58.54.170] didn't use HELO protocol
From: contact@ravengames.com
Received: from ravengames.com by 3BR93G.ravengames.com with SMTP for submissions@ravengames.com; Sun, 02 Jun 2002 16:32:24 -0500

It can't even be a case of a stolen password, as <contact@ravengames.com> is just a forward; there is no such POP/IMAP account (or Unix user) at all on the server.

What troubles me is that even in the header this mail looks as if it had originated from my server. The part that caught my eye was "didn't use HELO protocol"; is this the key?

What should I do now? This is a serious security hole IMO.

Atjeu
06-07-2002, 11:24 AM
That doesn't look like it originated from your server - it looks like someone just put your domain in their outgoing email. So all someone has to do is spoof any domain they want to in an outgoing email (you can do this in your email client). Your IPs are not appearing on this list at all.

Zoltan Orc
06-07-2002, 04:35 PM
Does it mean I shouldn't concern myself with this at all?

Atjeu
06-07-2002, 09:54 PM
quote: Originally posted by Zoltan Orc:
Does it mean I shouldn't concern myself with this at all?

The only thing you can do is track down the owner of the IP that's in that header and ask them why they are spoofing your domain in the email they are sending out. You should concern yourself with it, but realize it's not happening on your server and it's beyond your control.
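Added example (not from the thread): a small Python script that applies the reasoning above to a message built from the quoted headers. Received headers are prepended by each relay, so only the stamp written by your own server can be trusted; its "from" peer is the IP to trace, and every Received line below it arrived inside the message and may be forged. The sample message and the host set are constructed for the example.

```python
import re
from email import message_from_string

# Constructed sample message, modelled on the headers quoted in the thread.
SAMPLE = """\
Return-Path: <contact@ravengames.com>
Received: from [202.58.54.170] ([202.58.54.170])
\tby ravengames.com (8.11.6/8.11.2) with SMTP id g52KWFq30064;
\tSun, 2 Jun 2002 13:32:16 -0700
X-Authentication-Warning: ravengames.com: [202.58.54.170] didn't use HELO protocol
From: contact@ravengames.com
Received: from ravengames.com by 3BR93G.ravengames.com with SMTP for submissions@ravengames.com; Sun, 02 Jun 2002 16:32:24 -0500
Subject: constructed sample

(body)
"""

HOP_RE = re.compile(r"from\s+(?P<helo>\S+)\s*(?:\((?P<comment>[^)]*)\))?\s+by\s+(?P<by>\S+)", re.I)
IP_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")

def parse_hop(header):
    """Return (helo_name, peer_ip, by_host) for one Received header, or None."""
    text = " ".join(header.split())  # unfold continuation lines
    m = HOP_RE.search(text)
    if not m:
        return None
    ip = IP_RE.search(m.group("comment") or m.group("helo"))
    return m.group("helo"), (ip.group(1) if ip else None), m.group("by")

def trace_origin(raw, my_hosts):
    """Find the peer IP recorded by our own server (my_hosts: lowercase names).

    Index 0 is the newest Received header. The first hop stamped by one of
    my_hosts is trusted and its peer IP is the origin; older hops were
    already in the message when it arrived and are reported as untrusted.
    """
    msg = message_from_string(raw)
    hops = [parse_hop(h) for h in msg.get_all("Received", [])]
    origin, untrusted = None, []
    for hop in hops:
        if hop and origin is None and hop[2].lower() in my_hosts:
            origin = hop[1]            # the IP our own MTA saw on the wire
        elif origin is not None:
            untrusted.append(hop)      # below our stamp: sender-supplied text
    warning = msg.get("X-Authentication-Warning", "")
    return {"origin_ip": origin, "untrusted_received": untrusted,
            "no_helo": "didn't use HELO" in warning}

if __name__ == "__main__":
    print(trace_origin(SAMPLE, {"ravengames.com"}))
```

For the quoted message this reports 202.58.54.170 as the origin, flags the second Received line (claiming to come "from ravengames.com") as untrusted, and notes the missing HELO.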