Been struggling with this for 2 days now. Customer was recentley infected with NetSky which was cleaned off, have since scanned and it is now nowhere to be found. Since infection though the SMTP queue is constantly filling with what appear to be NDR's from "email@example.com". I have deselected "allow NDR Reports" in ESM and have also checked that we are not an open relay but no matter what i do the queue keeps filling! This is becoming a nightmare!
We are now running both SAV 9.x and aslo GFI Mailsecurity on this server and they both seem to be working fine. Dont know if its relevant but it is an SBS 2003 Box.
Have also isolated the server from the network to check they are not coming from a client but the queue still continues to fill.