Free Republic
Browse · Search
News/Activism
Topics · Post Article

To: Hojczyk
The Exchange database file containing the emails on the server is the EDB file they're talking about, or rather the most important piece (there is also an STM file, and together they make up the MDB, or Messaging Database Module). This is stored off into a file that may be accessed and manipulated by tools other than Exchange-specific tools called a PST file. It is the PST file that is usually presented to a requester.

The query was whether there is an automated way to edit mail (i.e. strip the sender or receiver) in either one; the answer was no for the EDB file (at least not tracelessly), and a qualified yes for the PST file but it's potentially a cause of data loss.

Pin the source and target and the time of these queries to the specific people mentioned, and yes, it's a smoking gun, or at least nearly conclusive evidence that the deletion was systematic and deliberate.

13 posted on 09/19/2016 10:10:28 AM PDT by Billthedrill

To: Billthedrill
Yep, Exchange Server is just a fancy-dancy database server; easily manipulated from inside the mail server using standard tools or from outside the server using a bit of custom code.

3 days and $4200 at standard rates and you'll never know the to and from fields were changed if you're just looking for the changes using standard Exchange Server tools - but you'd have to convince me this wasn't being done for illegal purposes and while I could think of one or two legal reasons to do something like this it would have to be a client of long standing or else I'd dump them just for asking.

Now, if you're going to want the changes to evade an in-depth forensic analysis it will be 2 weeks and $12000 at standard rates AND we're going to have to swap out the hardware AND I'm not going to give you a 100% guarantee that it will be undetectable, just my best effort. And again, you'd better have a really good reason for asking me to do something like this or you are GONE. And seriously, what possible legal reason could you ever have for doing something like this?

Note: this $12000 just covers "fixing up" the Exchange Server itself and a few backups. If you want the data that's gone over the wire and might have been picked up and recorded from there you are flat out of luck. That would take someone that knows what they're doing.

53 posted on 09/19/2016 1:21:36 PM PDT by Garth Tater (What's mine is mine.)