Topic: Account Sending spam locally
==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.8.6
- Linux/BSD distribution name and version: CentOS 6.2 x64
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? N
- Related log if you're reporting an issue:
/var/log/maillog - repeatedly sending the following, though these are not showing in the user's sent folder.
May 11 09:27:05 idmail amavis[27688]: (27688-13) Passed CLEAN {RelayedOutbound}, MYNETS LOCAL [127.0.0.1]:49525 <terry@[domain].ca> -> <[user]@[otherdomain].com>, Message-ID: <1118af7aee3e98502613451db534230e@[serverdomain]>, mail_id: XYruQbF9A4pl, Hits: -10.648, size: 8579, queued_as: EC2CCEBC042, dkim_new=dkim:[domain], 5590 ms
====
User is getting hundreds of Undeliverable return emails. He did have the original sent emails in his sent folder when he reported the issue to me. I checked the headers which contain:
Return-Path: <terry@[domain]>
Received: from localhost (idmail.ca [127.0.0.1])
by [serverdomain] (Postfix) with ESMTP id 9D03AEBC03E
for <gravityconstructioninc@yahoo.com>; Wed, 11 May 2016 09:17:41 -0600 (MDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=[domain];
h=subject:subject:from:from:x-mailer:message-id:content-type
:content-type:date:date:mime-version:received:received; s=dkim;
t=1462979856; bh=/vXJn2i/LLz0aVTCAybCwxWkYv1p9TH/A2S8Lm723pw=; b=
C71evN95HJayuBZYsGwHtdu25EBSwZJcS/7Cm5G/ZbOP70fPp2bihksNzAgRRw4X
xA24nOJj586bdP6wRYb21ayH/t6y9Um45Urp1LcL5bASsmrTHbNNNaWeOjL0UQBb
vDPdTqlmc7Bte7iYdBncuRnZHmSs3SWCMcJGKxhXSac=
X-Virus-Scanned: amavisd-new at [serverdomain]
Received: from IDMail.ca ([127.0.0.1])
by localhost (idmail.ca [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id hgVdQD9t5st5 for <gravityconstructioninc@yahoo.com>;
Wed, 11 May 2016 09:17:36 -0600 (MDT)
Received: from [serverdomain] ([serverdomain] [127.0.0.1])
by [serverdomain] (Postfix) with ESMTPSA id 97ECAEBC03D;
Wed, 11 May 2016 08:24:28 -0600 (MDT)
Mime-Version: 1.0
Date: Wed, 11 May 2016 14:24:28 +0000
Content-Type: multipart/alternative;
boundary="----=_Part_265_153295452.1462976668"
Message-ID: <04abbfac22078da83ce5f31ab98b22d7@[serverdomain]>
X-Mailer: AfterLogic webmail client
From: "Jessica L Manos" <jessica@foleyengines.com>
Subject: documents
X-Priority: 3 (Normal)
To: undisclosed-recipients:;
-------------------------------------
What can I do to stop this? It appears to be coming from our server through our Afterlogic webmail. I've changed the user's password, even disabled his account in iRedAdmin, but the server is still showing emails being sent through maillog.
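Added example, not part of the original post: a small Python tally of amavis `{RelayedOutbound}` lines in the format quoted above, counting recipients per envelope sender for mail submitted from the mail host itself (client 127.0.0.1, as with the webmail here). The sample log lines, addresses, function names and threshold are constructed for illustration.

```python
import re
from collections import Counter

# amavisd-new outbound pass line, in the format quoted in the post:
# ... Passed CLEAN {RelayedOutbound}, MYNETS LOCAL [ip]:port <sender> -> <rcpt>,<rcpt>, Message-ID: ...
LINE_RE = re.compile(
    r"amavis\[\d+\]: \(\S+\) Passed \S+ \{RelayedOutbound\}, "
    r"[A-Z ]*\[(?P<ip>[^\]]+)\]:\d+ "
    r"<(?P<sender>[^>]*)> -> (?P<rcpts>.+?), Message-ID:"
)
LOOPBACK = {"127.0.0.1", "::1"}

# Constructed sample input (not taken from the poster's server).
SAMPLE_LOG = """\
May 11 09:27:05 mail amavis[27688]: (27688-13) Passed CLEAN {RelayedOutbound}, MYNETS LOCAL [127.0.0.1]:49525 <terry@example.ca> -> <a@example.com>, Message-ID: <m1@mail.example.ca>, mail_id: AAAA, Hits: -10.648, size: 8579, queued_as: 0000000001, 5590 ms
May 11 09:27:09 mail amavis[27688]: (27688-14) Passed CLEAN {RelayedOutbound}, MYNETS LOCAL [127.0.0.1]:49530 <terry@example.ca> -> <b@example.com>,<c@example.net>, Message-ID: <m2@mail.example.ca>, mail_id: BBBB, Hits: -10.1, size: 8570, queued_as: 0000000002, 4100 ms
May 11 09:27:15 mail amavis[27690]: (27690-02) Passed CLEAN {RelayedOutbound}, MYNETS LOCAL [127.0.0.1]:49541 <Terry@example.ca> -> <d@example.org>, Message-ID: <m3@mail.example.ca>, mail_id: CCCC, Hits: -10.2, size: 8581, queued_as: 0000000003, 3900 ms
May 11 09:28:01 mail amavis[27690]: (27690-03) Passed CLEAN {RelayedOutbound}, MYNETS LOCAL [127.0.0.1]:49560 <alice@example.ca> -> <e@example.com>, Message-ID: <m4@mail.example.ca>, mail_id: DDDD, Hits: -9.8, size: 2100, queued_as: 0000000004, 900 ms
May 11 09:28:30 mail amavis[27691]: (27691-01) Passed CLEAN {RelayedOutbound}, MYNETS LOCAL [192.0.2.10]:50112 <bob@example.ca> -> <f@example.com>, Message-ID: <m5@mail.example.ca>, mail_id: EEEE, Hits: -9.9, size: 3000, queued_as: 0000000005, 800 ms
May 11 09:29:00 mail amavis[27691]: (27691-02) Passed CLEAN {RelayedInbound}, [203.0.113.5]:33211 <x@example.net> -> <terry@example.ca>, Message-ID: <m6@example.net>, mail_id: FFFF, Hits: 0.1, size: 1500, queued_as: 0000000006, 700 ms
"""

def local_outbound_by_sender(lines):
    """Recipients per envelope sender for outbound mail whose client was loopback,
    i.e. submitted by software running on the mail host (such as the webmail)."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.search(line)
        if m and m.group("ip") in LOOPBACK:
            # Each recipient is logged as <addr>; count them all.
            counts[m.group("sender").lower()] += m.group("rcpts").count("<")
    return counts

def flag_senders(lines, threshold):
    """Senders whose locally submitted recipient count reaches the threshold."""
    counts = local_outbound_by_sender(lines)
    return sorted(s for s, n in counts.items() if n >= threshold)

if __name__ == "__main__":
    sample = SAMPLE_LOG.splitlines()
    for sender, n in local_outbound_by_sender(sample).most_common():
        print(f"{n:5d}  {sender}")
    print("flagged:", flag_senders(sample, threshold=3))
```

To run it against a real log, pass the open file object for /var/log/maillog as `lines` and choose a threshold that fits normal per-user volume.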