Seems like a design flaw of the interface if it tells you something is attempting to make a smtp connection but doesn't tell you which process. Are there perhaps more details logs that exist? Besides looking at the logs itself I don't see how we can help you considering the firewall of choice doesn't even tell you what process it is. – Ramhound – 2012-12-10T14:40:07.427

@Ramhound Well, normally little snitch would tell you all you need to know, but in this instance there is no information of use.

That process is simply SMTP, and nothing more. That is the confusing part! – John – 2012-12-10T14:43:14.390

@slhck Well, that is the other odd thing, it's trying to connect to the google dns servers 8.8.8.8, 8.8.8.4 and then 10.0.0.1. What is 10.0.0.1? Some kind of broadcast attempt? – John – 2012-12-10T15:13:34.947

Ah right, ok, it's showing me that it's postfix - /usr/libexec/postfix/smtp and user _postfix (UID: 27) but that could be anything trying to send via postfix i guess. How would i then identify what is trying to use postfix? – John – 2012-12-10T15:15:08.690

Yes, that would be Google DNS and 10.0.0.1 is default gateway address if you happen to be in the same subnet. It's not a broadcast though, technically speaking. – slhck – 2012-12-10T15:15:13.277

Ok, well i've been able to identify the process and it simply says it's postfix. So, i guess i now need to find a way of inspecting postfix. I have no idea how to do this. I tried sampling the postfix process but it doesn't tell me anything useful. – John – 2012-12-10T15:20:17.103

Really odd, the e-mail message seems to be trying to go to someone@johndoe.com. I've removed it from the mail queue now, will just have to see if another one appears there. Thanks for all your help!! – John – 2012-12-10T15:36:46.773