I am an ISP having difficulties with SPAM messages being bounced back to me that are apparently coming from my server or are being spoofed. (I am running Red Hat, apache, etc.)

Does anyone know of a good tool whereby I could monitor traffic through SMTP and search it later? I can manually sit there and watch it but don't really want to. I'd like to be able to just search the results each day for particular strings common to these errant messages.

Thanks for any suggestions.