I have multisite with 100 or so users. Started seeing a lot of bounce spam messages returned and they are using firstname.lastname@example.org for the sender so I see all the returns. They are all spam with attachments. How can determine which site/account is sending the the emails so I can remove that site/account?
Also which malware plugin would you suggest, I know there are many. I have used wordfence in the past for single sites which would scan & find malware but maybe there are better options for multisite?