Hi,
I'm not an "on call" server admin. I have my own servers, plus i'm giving support to couple of customers. I'm managing 6 servers. I've installed and configured each one from the scratch and making regular checks, taking backups and running updates.
First of all you should disable all email related services like clamav, spamassasin etc. on web (dedicated) server. csf, fail2ban or any similar one which is installed might need reconfiguration. Also you should create proper mx entrie(s) for emails. All kind of applications should use smtp to send an email if needed. e.g. web forms, wordpress,...
You should disable all unnecessary services on email (vps) server. Again csf or fail2ban might need reconfiguration.
If those messages comes from web server, probably they are false positives if you sure that noone has tried to send spam emails.
Once all services get configured well there wont be any serious problems usually. Sometimes people may use easy passwords for their accounts (email, wp etc.) as a result server could get various attacks if an attacker gets access to these kind of "insecure" accounts. This happens more often than other type of issues like misconfiguration, failed updates, crashes etc.
In such situation attacker could try to send millions of emails in a minute, or create/upload files which will be use to send spams or even worse could change files to add malicious codes.
Regards,
Turker YILDIRIM