
Sendmail Continuously Sending Emails to Odoo SMTP – How to Stop & Identify the Source? [closed]


I have a server running on Contabo with Ubuntu and noticed a high number of outgoing SMTP connections. I received an alert from my provider about excessive mail traffic on port 25 from my server IP.

What I Have Checked So Far:

  1. Checked Active SMTP Connections:

sudo lsof -i :25

It shows after every 3 or 4 minutes, not sure of the exact time interval.

COMMAND     PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sendmail-  1361 root    4u  IPv4  19981      0t0  TCP localhost:smtp (LISTEN)
sendmail- 20971 root    6u  IPv4 401805      0t0  TCP myserver:44362->mx1a.odoo.com:smtp (ESTABLISHED)
sendmail- 20971 root    7u  IPv4 401805      0t0  TCP myserver:44362->mx1a.odoo.com:smtp (ESTABLISHED)
sendmail- 20971 root    8u  IPv4 403572      0t0  TCP myserver:39416->mx1d.odoo.com:smtp (ESTABLISHED)
sendmail- 20971 root   11u  IPv4 403572      0t0  TCP myserver:39416->mx1d.odoo.com:smtp (ESTABLISHED)
sendmail- 20971 root   12u  IPv4 401789      0t0  TCP myserver:55578->mx1c.odoo.com:smtp (ESTABLISHED)
sendmail- 20971 root   13u  IPv4 401789      0t0  TCP myserver:55578->mx1c.odoo.com:smtp (ESTABLISHED)

  2. Checked Mail Logs (/var/log/mail.log):

sudo tail -f /var/log/mail.log

Continuously getting below output

Feb 22 07:56:35 myserver sm-mta[20971]: 51IKDucD1512089: to=<in-direct@mail.odoo.com>, delay=3+10:42:39, xdelay=00:00:05, mailer=esmtp, pri=44852439, relay=mx1d.odoo.com. [91.134.56.180], dsn=4.3.5, stat=Deferred: 451 4.3.5 Server configuration error
Feb 22 07:56:36 myserver sm-mta[20971]: STARTTLS=client, relay=mx1a.odoo.com., version=TLSv1.3, verify=FAIL, cipher=TLS_AES_256_GCM_SHA384, bits=256/256
Feb 22 07:56:37 myserver sm-mta[20971]: 51IKDucD1512089: to=<in-direct@mail.odoo.com>, delay=3+10:42:41, xdelay=00:00:07, mailer=esmtp, pri=44852439, relay=mx1a.odoo.com. [141.94.255.216], dsn=4.3.5, stat=Deferred: 451 4.3.5 Server configuration error
Feb 22 07:56:39 myserver sm-mta[20971]: STARTTLS=client, relay=mx1b.odoo.com., version=TLSv1.3, verify=FAIL, cipher=TLS_AES_256_GCM_SHA384, bits=256/256
Feb 22 07:56:40 myserver sm-mta[20971]: 51IKDucD1512089: to=<in-direct@mail.odoo.com>, delay=3+10:42:44, xdelay=00:00:10, mailer=esmtp, pri=44852439, relay=mx1b.odoo.com. [141.94.241.170], dsn=4.3.5, stat=Deferred: 451 4.3.5 Server configuration error

  3. Stopped Sendmail Temporarily:

sudo systemctl stop sendmail
sudo systemctl disable sendmail
sudo systemctl mask sendmail

How can I identify which script or process is initiating these SMTP connections?

Why does Sendmail restart automatically, even after being disabled?

If this is a compromise, what additional steps should I take to clean the server?

Should I completely block outgoing SMTP (port 25), and if so, what are the risks?
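
An added example, not part of the original question: a way to read the mail.log excerpt above by grouping sm-mta delivery attempts per queue ID, which separates retries of one queued message from newly submitted mail. The sample lines are copied from the excerpt; the function name `summarize` is hypothetical, and the `delay=` field is parsed as sendmail's `days+HH:MM:SS` time-in-queue format.

```python
import re
from collections import defaultdict
from datetime import timedelta

# Sample lines copied from the mail.log excerpt in the question above.
SAMPLE_LOG = """\
Feb 22 07:56:35 myserver sm-mta[20971]: 51IKDucD1512089: to=<in-direct@mail.odoo.com>, delay=3+10:42:39, xdelay=00:00:05, mailer=esmtp, pri=44852439, relay=mx1d.odoo.com. [91.134.56.180], dsn=4.3.5, stat=Deferred: 451 4.3.5 Server configuration error
Feb 22 07:56:36 myserver sm-mta[20971]: STARTTLS=client, relay=mx1a.odoo.com., version=TLSv1.3, verify=FAIL, cipher=TLS_AES_256_GCM_SHA384, bits=256/256
Feb 22 07:56:37 myserver sm-mta[20971]: 51IKDucD1512089: to=<in-direct@mail.odoo.com>, delay=3+10:42:41, xdelay=00:00:07, mailer=esmtp, pri=44852439, relay=mx1a.odoo.com. [141.94.255.216], dsn=4.3.5, stat=Deferred: 451 4.3.5 Server configuration error
Feb 22 07:56:39 myserver sm-mta[20971]: STARTTLS=client, relay=mx1b.odoo.com., version=TLSv1.3, verify=FAIL, cipher=TLS_AES_256_GCM_SHA384, bits=256/256
Feb 22 07:56:40 myserver sm-mta[20971]: 51IKDucD1512089: to=<in-direct@mail.odoo.com>, delay=3+10:42:44, xdelay=00:00:10, mailer=esmtp, pri=44852439, relay=mx1b.odoo.com. [141.94.241.170], dsn=4.3.5, stat=Deferred: 451 4.3.5 Server configuration error
"""

# Matches delivery-attempt lines only; assumes a single recipient in to=.
DELIVERY = re.compile(
    r"sm-mta\[(?P<pid>\d+)\]: (?P<qid>\w+): to=(?P<to>[^,]+), "
    r"delay=(?:(?P<days>\d+)\+)?(?P<h>\d+):(?P<m>\d+):(?P<s>\d+),"
    r".*?relay=(?P<relay>\S+).*?stat=(?P<stat>\w+)"
)

def summarize(log_text):
    """Group delivery attempts by sendmail queue ID."""
    queue = defaultdict(lambda: {"to": None, "attempts": 0, "relays": set(),
                                 "age": timedelta(0), "stat": None})
    for line in log_text.splitlines():
        m = DELIVERY.search(line)
        if not m:
            continue  # STARTTLS and other non-delivery lines carry no queue ID
        entry = queue[m["qid"]]
        entry["to"] = m["to"]
        entry["attempts"] += 1
        entry["relays"].add(m["relay"].rstrip("."))
        # delay= is how long the message has been queued, not the attempt time
        age = timedelta(days=int(m["days"] or 0), hours=int(m["h"]),
                        minutes=int(m["m"]), seconds=int(m["s"]))
        entry["age"] = max(entry["age"], age)
        entry["stat"] = m["stat"]  # status of the most recent attempt
    return dict(queue)

if __name__ == "__main__":
    for qid, e in summarize(SAMPLE_LOG).items():
        print(f"{qid} to={e['to']} attempts={e['attempts']} "
              f"age={e['age']} stat={e['stat']} relays={sorted(e['relays'])}")
```

On the excerpt this reports a single queue ID, queued for over three days and deferred by three relays in turn, so every connection in these five lines is a retry of one stored message.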

