You should ask your ISP for more info. Generally, an ISP won't blacklist your domain just because a spammer is using forged headers - that is very common and most ISP's understand that is not your fault. You may have an open mail server on your domain that a spammer has compromised and is using to actually send spam.
9:38 pm on Feb 22, 2008 (gmt 0)
Thanks, Stajer for that suggestion. At the time I spoke w. the ISP I didn't know which questions to ask. I'll go back & try to get them to be more specific.
9:00 am on Mar 17, 2008 (gmt 0)
My ISP has confirmed that spammers are not forging my headers but rather actually gaining access to the mail server (through poorly written script?). So I don't think spf records are the answer (though I have implemented them for all 3 domains just in case). Somehow I've got to figure out how to close off the mail server to the spammers. Since the domains/sites are hosted on a friend's virtual server & he interacts w. the web host, that may be tough to do. Any thoughts would be appreciated.