Every day different users on our domain receive email which contains malware. The senders seem to related: email@example.com or firstname.lastname@example.org. Sometimes, it's UPS or DHL or something else.
I am using Symantec Antivirus for Exchange and I am blocking all executables in all email, so I see quarantined emails left and right.
My question: is there a way to identify the actual source of these are coming from? Does this indicate that the problem is coming from one machine and that if we clean it this email will stop?
Thanks for your ideas and assistance.