Spammer using my domain name in FROM field

[Predrag Lezaic]

Spammer apparently is using  [EMAIL PROTECTED] in the FROm field 
of the emails he is sending out. Domain is one of my customers virtual 
domain, spammer made up the username in the email address. Now I am 
getting burried by mail notifications returning to sender...obviously 
wrong person.

How do you people deal with this? Is there anything I can do? Email 
addresses in FROM field as we all know are fake when spammers use them. 
But if you don't do it if someone misspelled an email address that is 
legitimate and sent it to user they won't know it didn't make it.

I am at a loss what to do.
Any ideas?
Thanks,
Predrag
PS My spamd process still shoots up in CPU usage at least once a day and 
I have to kill the process and restart spamassassin. :(