Hello. We have a lot of phishing/spoofed email going around our agency. We suspect an internal user is inadvertently sending these emails. One reason we suspect this is our ISP has warned us that we were sending out these emails so we stopped it at the firewall but the issue still is happening internally.
Is there a way that we can find out the person/user/pc/hostname/ip address etc that is sending these emails?
Exchange 2010 Version: 14.03.0146.000. We do not run an Edge Transport Server.
Server 2008 R2 Standard SP1
Our email antispam is Vipre Email Security but it doesnt seem to help.
Thanks in advance.
Greg