This might have something to do with a server that I have set the root user with a forward rule to send me emails. But I am not sure and I can't figure out why... Is it possible that my server has been used by other people to do spamming? My server is in a local network by the way.
Based on the returned content of the email, it's for several spam emails. Pure spam. And the sender is not even ME, not even a proper address (some random name). That's why I think it feels like someone seems relaying emails (spam) through my server. And I got all the returned emails back. My email server (a very good company) didn't treat this as spam. They normally help me block tons of spam automatically.
For example
The original message was received at Sun, 26 Jan 2014 05:05:40 -0700
from m50-134.163.com [123.125.50.134]
----- The following addresses had permanent fatal errors -----
<[email protected]>
(reason: 550-5.1.1 The email account that you tried to reach does not exist. Please try)
----- Transcript of session follows -----
... while talking to aspmx.l.google.com.:
>>> DATA
<<< 550-5.1.1 The email account that you tried to reach does not exist. Please try
<<< 550-5.1.1 double-checking the recipient's email address for typos or
<<< 550-5.1.1 unnecessary spaces. Learn more at
<<< 550 5.1.1 http://support.google.com/mail/bin/answer.py?answer=6596 ha7si10821727icc.12 - gsmtp
550 5.1.1 <[email protected]>... User unknown
<<< 503 5.5.1 RCPT first. ha7si10821727icc.12 - gsmtp
priearl2003 is the spammer I think.
Content-Type: Message/delivery-status
Content-Description: Delivery error report
Final-Recipient: rfc822; [email protected]
Action: failed
Status: 5.0.0
Diagnostic-Code: SMTP; SMTP error, DOT: 550 5.7.0 (SNT0-MC4-F26) Message could not be delivered. Please ensure the message is RFC 5322 compliant..(SMTP error, DOT: 550 5.7.0 (SNT0-MC4-F26) Message could not be delivered. Please ensure the message is RFC 5322 compliant.)
--------------Boundary-00=_MQ805PDL3A1S4OLBH890
Content-Type: Message/Rfc822
Content-Description: Undelivered Message
Content-Transfer-Encoding: 8bit
Received: from mycomputer (unknown [91.124.65.192])
by smtp4 (Coremail) with SMTP id DtGowECZB0Ue6ORSchJSDQ--.24287S3;
Sun, 26 Jan 2014 18:49:20 +0800 (CST)
From: "markp markp" <priearl2003>
To: "keacyking" <[email protected]>, "KC" <[email protected]>,
"sexy kio kyle hot7187493825" <[email protected]>,
"rod isreal" <[email protected]>,
"korey 3369724167" <[email protected]>,
"junglefever 04" <[email protected]>, "Keino" <[email protected]>,
"Y U WANNA KNOW autour detroit" <[email protected]>,
"Kennen butler buffalo" <[email protected]>,
"=?ISO-8859-1?Q?Charles_Knowles=2C_Jr?=" <[email protected]>
Subject: markp markp
Date: Sat, 26 Jan 2014 11:49:14 +0100
MIME-Version: 1.0
X-mailer: Microsoft Office Outlook, Build 11.0.5510
Reply-To: priearl2003
Content-type: Multipart/mixed; boundary="3E762EB7_62CA3E41_boundary"
Content-Description: Multipart message
X-CM-TRANSID:DtGowECZB0Ue6ORSchJSDQ--.24287S3
X-Coremail-Antispam: 1Uf129KBjDUn29KB7ZKAUJUUUUU529EdanIXcx71UUUUU7v73
VFW2AGmfu7bjvjm3AaLaJ3UbIYCTnIWIevJa73UjIFyTuYvjxUa038UUUUU
X-Originating-IP: [91.124.65.192]
--3E762EB7_62CA3E41_boundary
Content-type: text/html; charset=UTF-8
Content-Transfer-Encoding: Quoted-printable
Content-Disposition: inline
Content-Description: HTML text
=EF=BB=BF<html><head><meta http-equiv=3D"content-type" content: text/html;=
charset=
=3DUTF-8></head><body>http://atasehiringilizcekurslari.org/vhwk/jgmbsvgubadcgt=
ecpios.dcgpurxvlyoigqhfjgxeg</body></html>
--3E762EB7_62CA3E41_boundary--
Based on the information you've provided, this is almost certainly not coming from your server unless you run an open relay. The message originated in China:
(I got this information from APNIC, after checking ARIN first.)
The most common reason for you to get those emails is that spammers have spoofed your domain ("backscatter," as Marki said). There's not a whole lot you can do about that, but, on the up side, it's unlikely to get you on blocklists, either.
Edit in response to your edit: The second IP listed is from the Ukraine. You can find that number in RIPE.
I suspect that what you're looking at is backscatter from a spambot network that spoofed an address in your domain.
Could simply be "backscatter". Someone used you as their "From" address and you're getting the junk back.
There is no 100% solution to protect against this. You could e.g. set up SPF entries (in your DNS) and the like. But this will only have an effect with (recipient) mail servers that also interpret that information. I would bet the big ones do (like here Google).
In essence this give people the information which servers mail from @yourdomain should be coming from and not accept it otherwise. All this is unfortunately an effect of the inherent insecurity in the SMTP protocol.