When looking at /var/log/maillog I notice there are frequent attempts by postfix to send email to addresses I don't know.
Dec 30 04:10:28 www2 postfix/smtp: 8699C172025B: firstname.lastname@example.org, relay=aspmx.l.google.com[188.8.131.52]:25, delay=0.2,delays=0/0/0.16/0.04, dsn=5.1.1, status=bounced (host aspmx.l.google.com[184.108.40.206] said: 550-5.1.1 The email account that you tried to reach does not exist. Please try 550-5.1.1 double-checking the recipient's email address for typos or 550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1 http://mail.google.com/support/bin/answer.py?answer=6596 t19si30706368yhi.62 (in reply to RCPT TO command))
I have never heard of email@example.com and it looks like a spam address of some sort. My logs show all sorts of these usually with a different address each time.
I am not a Linux expert so I am a little unsure of how to proceed.
How can I find out from where that message originated? How do I find out if it is a bounce? Was it sent from an application? From another user? Which account? What should I do to address this?
Any help is appreciated.
FYI I run a mailman mailing list and Yahoo has suddenly started deferring messages because they say I am sending unsolicited email which is what got me investigating. Also my server is blacklisted by one organization for backscatter. I did make a modification to mailman's email aliases so users can no longer manage their subscriptions via email for what that is worth.
Thank you in advance.