[KaptKaos]

1) Who signs the checks? The outside service guy should be under the control of the check signer.

2) Any IT guy or company worth their salt will not try to remotely "hack" your network. They'll want proof of your authority and on-site access.

3) Assuming you find the smoking gun, what then? You'll need an IT company to assume network support ASAP as you will likely sack the current guy and the out-sourced vendor.

4) Reality is, that unless your current IT admin is a moron, he likely covered his tracks and wasn't so stupid as to use the company mail system for that kind of crap.

5) Bottom line is that you don't trust the guy with the keys to your kingdom. That's problem number one.