We suspect a computer in our Windows 2003 domain to be infected by a worm, and sending out spam using our Exchange mail server.
Because of this, our mail server's IP is being listed on the spam lists.
But, since everyone in our company uses the domain mail server, also most of our normal e-mail is blocked.
Instead of going to every single computer in our company (about 50 computers),
is there a way on the Exchange mail server to see which computer in our domain is sending an unusual amount of e-mails?