SPAM - Originating from our server, only being delivered to our users

Hello,

We consistently receive SPAM with the same subject several time a day. These messages appear to be originating from our server and only delivered to our users. I have looked at the headers and ran them through the mxtoolbox analyzer and it shows, from:ourserver to:ourserver. This is one of the headers with personal data changed:

************************************************************

Received: from MAIL.CCP.LOCAL (10.0.2.10) by MAIL.CCP.LOCAL (10.0.2.10)

 with Microsoft SMTP Server (TLS) id 15.0.1156.6 via Mailbox Transport; Sat, 6

 Feb 2016 08:52:11 -0500

Received: from MAIL.CCP.LOCAL (10.0.2.10) by MAIL.CCP.LOCAL (10.0.2.10)

 with Microsoft SMTP Server (TLS) id 15.0.1156.6; Sat, 6 Feb 2016 08:52:10

 -0500

Received: from camsnet.solarsankalp.com (Our External IP) by MAIL.CCP.ORG

 (10.0.2.10) with Microsoft SMTP Server id 15.0.1156.6 via Frontend Transport;

 Sat, 6 Feb 2016 08:52:07 -0500

Received: by camsnet.solarsankalp.com id hmnt8e0001gq for <johndoe@ccp.org>; Sat, 6 Feb 2016 08:51:41 -0500 (envelope-from <HunterGrant@camsnet.solarsankalp.com>)

To: <johndoe@ccp.org>

Reply-To: <Steven@solarsankalp.com>

Bounce-To-Num-Location: solarsankalp.com.0401068

Message-ID: <l8uy8yfgt536f.226571668@camsnet.solarsankalp.com>

From: Relief for 2015 Taxes <Steven@solarsankalp.com>

Subject: Past-due taxes? Your options explained

MIME-Version: 1.0

Content-Type: multipart/alternative;

                boundary="33Ng99TzG9NdAaK2F5Lj7dNtQ272IpY"

Date: Sat, 6 Feb 2016 08:52:07 -0500

Return-Path: HunterGrant@camsnet.solarsankalp.com

X-MS-Exchange-Organization-PRD: solarsankalp.com

X-MS-Exchange-Organization-SenderIdResult: Fail

Received-SPF: Fail (MAIL.CCP.LOCAL: domain of Steven@solarsankalp.com does

 not designate Our External IP as permitted sender) receiver=MAIL.CCP.LOCAL;

 client-ip= Our External IP; helo=camsnet.solarsankalp.com;

X-MS-Exchange-Organization-Network-Message-Id: 0f63f4de-a229-41f6-2bb0-08d32efcb604

X-MS-Exchange-Organization-SCL: 5

X-MS-Exchange-Organization-PCL: 2

X-MS-Exchange-Organization-Antispam-Report: DV:3.3.15608.880;SID:

SenderIDStatus Fail;OrigIP: (Our External IP)

X-MS-Exchange-Organization-AuthSource: MAIL.CCP.LOCAL

X-MS-Exchange-Organization-AuthAs: Anonymous

*************************************************************************

This is one of several we get but they all display the same delivery info, from:ourserver to:ourserver

Not sure how to solve this problem. Any help would be appreciated

Thanks,