As I wrote yesterday on this tread

[SOLVED] 6.0.8 adds strange e-mail addressess in mta

i was i almost same situation (the only difference is that our account was not admin).
24 hours later I'm sure: the problem was compromised account password. When I change the password and remove any forward in account - everything is fine.
Now user can again receive e-mails and ton of spam

I think you should keep in mind - a human mistake can be reproduced again !