While it is common for an organization that has been infected to seek out the source of the infection, it is not necessary to send anyone any of your e-mails. If your system is properly defended, incoming e-mail with infected attachments will be detected. In fact, in many organizations, these e-mails never reach the end user, as they are deleted at the e-mail gateway level.
In this case, it sounds like his server got infected by something running locally. It would not be infected just from you or anyone else sending him an infected e-mail -- the Trojan or virus needs to be run in order to infect.
If you want to be more certain that your system is not infected, you can use an antivirus scanner or a Trojan horse scanner (Moosoft, for example) to see if you have malware on your system. If you find something, you could share that information.
For more information on this topic, visit these other resources on searchSecurity:
Featured Topic: Malware lessons
Ask the Expert: How to restrict e-mail attachments
Security Policies Tip: Executable e-mail attachments -- Educate the end user
This was first published in August 2001