We currently have a computer somewhere on our network infected with either a virus or trojan that is sending spam to the internet. Our antivirus software has not detected it. (Trend Micro OfficeScan 8).
We have approxemetly 50 workstations and a dozen servers.
Is there a utility we could use that could monitor or scan the network for smtp traffic to track down the infected computer?
Or what is the easiest way to accomplish this?
Also, to clarify, this is not our Exchange server sending the spam, the infected computer appearently is using it's own smtp client installed by the malware.