I have a customer that has an exchange server that is being used to send spam. It a Windows SBS Server 2003, and everything was fine until this weekend. I have checke dfor an open relay, there is none. I was able to narrow down to an IP Address that was connecting to my server to send the spam, I blocked that IP Address. How did this hapopen and what else can I check to see hwo it happened and also how do I prevent this.