I have a server with Windows 2000 and Exchange 2000 server installed. This box is the email server for this company and its IP is the MX record for their domain. In the exchange system manager, protocols, smtp, default smtp virtual server, queues, I have a multitude of listings that keep appearing. They all have the little blue arrow on the icon to the left of the listing and if I enumerate the listing they all show an email from firstname.lastname@example.org. Some of the names of the listings are: my.biglovedating.com, ihub.com, queerplaces.com, my.love.proext.com, etc. You get the point - they are bogus. I suspect that I have an email virus on one of the 40 machines that are here and it is trying to send out these emails. I have Symantec Antivirus Corporate Edition v10 on the servers and workstations and it updates and scans all nightly. I have done a Google and Symantec search on some of the bogus URLs and have come up with nothing. Perhaps I am wrong about what the problem is and would like to find out what is going on. I have done a test on the exchange server and it is reporting that it is not an open relay.
Any help in identifying the problem would be appreciated. If it is an email virus how would I identify the offending workstation?