As I wrote yesterday on this tread
[SOLVED] 6.0.8 adds strange e-mail addressess in mta
i was i almost same situation (the only difference is that our account was not admin).
24 hours later I'm sure: the problem was compromised account password. When I change the password and remove any forward in account - everything is fine.
Now user can again receive e-mails and ton of spam
I think you should keep in mind - a human mistake can be reproduced again !