GtW,
It might be that one or more machines in your office has been turned into a zombie and is spewing out spam via your perfectly corrrectly configured mail server.
"One of the machines in your office" could of course be a laptop that was plugged in to your network temporarily ... or, if your office has a wireless network that isn't properly secured, "one of the machines in your office" could in fact be a laptop in a passing car.
What you say is possible, but not applicable in this case, I think - as I understand it, SORBS feeder servers ONLY check the configuration of the Mail relay host attempting to connect to them, not the email sent to them.
SD