I've found myself an accidental server admin for an old Moodle installation that dates from 2009. It's on Moodle 1.9.7 on a Snow Leopard Mac Xserve.
The installation recently had a corrupted database which I managed to recover. I've also fixed the broken cron job that wasn't running for a few years. Perhaps seperately, our SMTP server (located on the same site as the Moodle server) has been blocked by various spam-detecting websites.
But now that the cron job is running regularly, loads of emails are being sent out. Further adding suspicion that Moodle email might be the cause of the blockage, our sys admin found an email that looks like it was sent from Moodle (it even refers to a course in the subject) but the IP resolves to an external IP in a different city (maybe this is the ISP??)
Worse, the config.php file does not have any of the emails bounce configurations set, nor does it use a password salt.
So, the effort recently has been focused on the Moodle installation seeing if that's not the cause:
Update Moodle to the latest, and then do the salt and other configuration options.
Reconfigure and then update.
Please note, that, adding some difficulty, we do not have a testing server available to us.