Immediately disable the user's account by setting him to DISABLE AND DON'T ALLOW MAIL.
Clean out all of the user's e-mail from your queue - you should be able to sort on the sender's e-mail address and delete them.
Change his password to a SECURE password.
Do not allow him to connect any clients until he agrees to use strong passwords and run an antivirus client on the devices.
Phone: (224) 444-0169
E-Mail and DNS Security Specialist
Network Security Specialist
Customer Service Portal: https://portal.chicagonettech.com
Security Blog: http://networkbastion.blogspot.com/
Web and E-Mail Hosting, E-Mail Security and Consulting