Spamming is a known problem for every host, and adding information in header for the emails sent by php is a great way to track down spamming script.
You can go to WHM>>Easy apache,
Exhaustive Options list >> MailHeaders
Select it and recompile apache and php, and after that every emails generated from a php script will have an entry of generation script and its path. And you can shutdown infected account to solve the problem.