A recently configured Exchange 2003 server (Windows server 2003) is sending out spam. From looking in the queue, I can see that the mail is going out as security@(some characters)-westernunion.com. I have added *@*-westernunion.com to the blocked senders list. I have also verified that the server is not set for open relay. What are some best practices and some procedures that I can use to track down the source of the email?