IP Address 12.198.184.xxx is listed in the CBL. It shows signs of being infected with a spam sending trojan, malicious link or some other form of botnet.
It was last detected at 2015-06-18 13:00 GMT (+/- 30 minutes), approximately 7 hours, 30 minutes ago.
This IP is infected (or NATting for a computer that is infected) with a spam-sending infection. In other words, it's participating in a botnet. If you simply remove the listing without ensuring that the infection is removed (or the NAT secured), it will probably relist again.
I am using Exchange 2010 on SBS2011 and I would like to find out which email address is doing this. Is there a way for me to do that?