Email spoofing issue

We have an issue with someone apparently sending email to our internal users posing as our actual exchange server. Below is the header of an email. Note that the email looks like it is coming from our mail server (pti-nj.com) but the IP address (58.10.84.86) is not ours. The email is sent with a from address of one of our internal users and sent to other users in our company. We have relay restrictions on our Exchange server (only allowing the IP address of our Exchange server to relay but does allow any authenticated user to relay), this is set on the Relay restrictions tab of the SMTP virtual server. HELP! We are getting a lot of these type of emails.

Microsoft Mail Internet Headers Version 2.0
Received: from pti-nj.com ([58.10.84.86]) by mailserver.pti-nj.com with Microsoft SMTPSVC(5.0.2195.6713); Thu, 4 May 2006 08:12:34 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.0.6603.0
From: <register@pti-nj.com>
To: <mktg@pti-nj.com>
Subject: Members Support
Date: Thu, 4 May 2006 19:11:47 +0700
MIME-Version: 1.0
Content-Type: multipart/mixed;
            boundary="----=_NextPart_000_0000_961632E8.767635F9"
X-Priority: 3
X-MSMail-Priority: Normal
Return-Path: <register@pti-nj.com>
Message-ID: <MAILSERVERVY5jVkjA20000051a@mailserver.pti-nj.com>
X-OriginalArrivalTime: 04 May 2006 12:12:34.0818 (UTC) FILETIME=[06D57620:01C66F74]
------=_NextPart_000_0000_961632E8.767635F9
Content-Type: text/html;
            charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
------=_NextPart_000_0000_961632E8.767635F9
Content-Description: warning.htm
Content-Type: text/html;
            name="warning.htm"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
            filename="warning.htm"

 

 

------=_NextPart_000_0000_961632E8.767635F9--