tracking down compromised script

one of the domains on the server is sending a lot of spam, I got many bounced messages going to aol.com it says that it was blocked due to a compromised script:

http://postmaster.info.aol.com/errors/421rlycs4.html

How do I find out which script was compromised to send the spam? tracking down compromised script

What steps do I have to take to remove the IP from their blacklist?

 

 

 

 

Top