I got bitten by this sort of thing Spring 2012. CERT told me they started seeing it in January 2012.
"US-CERT has been aware of this type of domain spoofing since January. This insidious form of spam generates twice the network traffic because most of the target addresses do not exist, generating bounce messages like yours. This used to be somewhat benign, but recently they started adding spam triggers to the Subject; now they are sending entire spam messages."
If you examine the MTA closely, you may notice that the first entry, the source, is not your IP address. The rest of the headers are forged to make the spam appear to come from your computer, particularly to stupid mail servers that look only at the "FROM:" field and not the beginning of the Message Transfer Authority trace. Typically, all you get is the bounce message from the target, but smarter SMTP servers will send a copy of the message that includes the full header. That's where you can look to confirm that the message did not originate in your domain.
Here's an example bounce message: [I have collected over 600 of them.]
<firstname.lastname@example.org>: 421 4.4.0 [internal] no MXs for this domain could be reached at this time
Content-Description: Delivery report
X-Symantec-Brightmail-Gateway-Sender: rfc822; 9111B64@[my domain]
Reporting-MTA: dns; diespam.netizen.com.ar
Arrival-Date: Tue, 28 Aug 2012 00:04:27 -0300
Final-Recipient: rfc822; email@example.com
Last-Attempt-Date: Tue, 28 Aug 2012 00:04:27 -0300
Diagnostic-Code: smtp; 421 4.4.0 [internal] no MXs for this domain could be reached at this time
Content-Description: Undelivered Message Headers
Received: from [126.96.36.199] (Unknown_Domain [188.8.131.52]) <<<-- This is the originating ip address, which does not exist.
by diespam.netizen.com.ar (Symantec Brightmail Gateway) with SMTP id F2.93.02934.A7BAA305; Sun, 26 Aug 2012 20:04:27 -0300 (ART)
From: "Cheap-Vigara" <9111B64@[my domain]>
Subject: Best prices in the market
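The header check described above can be scripted when there are hundreds of bounces to go through. The following is an added example, not part of the original post: it pulls the connecting IP out of the Received line written by the server that generated the bounce and compares it with your own outbound mail servers. The sample headers, host names, addresses and the MY_OUTBOUND range are constructed placeholders.

```python
import email
import ipaddress
import re

# Constructed sample of the "Undelivered Message Headers" part of a bounce.
# The lower Received line imitates one inserted by the sender to implicate us.
SAMPLE = (
    "Received: from [203.0.113.45] (Unknown_Domain [203.0.113.45])\n"
    "\tby bounce-mta.example.net (Gateway) with SMTP id F2.93;"
    " Sun, 26 Aug 2012 20:04:27 -0300\n"
    "Received: from mail.example.org ([192.0.2.5])\n"
    "\tby relay.invalid with SMTP; Sun, 26 Aug 2012 20:04:20 -0300\n"
    'From: "Sender" <9111B64@example.org>\n'
    "Subject: Best prices in the market\n\n"
)
MY_OUTBOUND = ["192.0.2.0/28"]  # assumption: the range your real mail servers send from

BRACKETED = re.compile(r"\[([0-9A-Fa-f:.]+)\]")

def _split_hop(hop):
    """Return (from_part, by_host) of one Received header value."""
    parts = re.split(r"\s+by\s+", hop, maxsplit=1)
    by_host = parts[1].split()[0].lower() if len(parts) == 2 else ""
    return parts[0], by_host

def origin_ip(raw_headers, reporting_mta=None):
    """IP that handed the message to reporting_mta (the Reporting-MTA value).
    Without reporting_mta, fall back to the bottom-most Received line, which
    the sender controls and which therefore proves nothing by itself."""
    hops = email.message_from_string(raw_headers).get_all("Received") or []
    if not hops:
        return None
    chosen = _split_hop(hops[-1])[0]
    for hop in hops:  # each server prepends its line, so newest comes first
        from_part, by_host = _split_hop(hop)
        if reporting_mta and by_host == reporting_mta.lower():
            chosen = from_part
            break
    # Prefer the last bracketed address: the one the receiver recorded from
    # the connection, not the name the client claimed in HELO.
    for candidate in reversed(BRACKETED.findall(chosen)):
        try:
            return ipaddress.ip_address(candidate)
        except ValueError:
            continue
    return None

def classify(raw_headers, my_networks, reporting_mta=None):
    ip = origin_ip(raw_headers, reporting_mta)
    if ip is None:
        return "unknown"
    nets = [ipaddress.ip_network(n) for n in my_networks]
    return "ours" if any(ip in n for n in nets) else "forged"
```

Pass the host from the bounce's Reporting-MTA field as reporting_mta; a bounce that carries no returned headers classifies as "unknown" and cannot be confirmed either way.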