a customer has been receiving numerous emails saying that his outgoing email have bounced. However, he didn't send any of the emails. I suspected he might have been infected with a bot that was spamming from his computer, but we have run scans and found nothing. There are about a dozen users at his office and he is the only one with this problem.
I now suspect that someone external is spoofing using his email address as the return/sending email address and he is receiving the bounced messages. All the destination addresses end in '.de'
Is there any way to stop this from happening? Yesterday morning (after the long week-end) he had over 50 of these emails.
Any suggestions would be appreciated.