I don't believe this is "spam" in the true sense of the word "spam".
At first glance, it appears to me to be a type of SMTP (Simple Mail Transfer Protocol) mail bounce attack.
And it would appear that now they have your mail servers address as firstname.lastname@example.org den 03.04.2008 12:59
The e-mail account does not exist at the organization this message was sent to.
Check the e-mail address, or contact the recipient directly to find out the correct address.
< mailfb.netuse.de #5.1.1 SMTP; 550 <email@example.com>:
Recipient address rejected: User unknown in local recipient table>
What the attacker is doing is "Reconnaissance". Their hoping that by sending this email to an address that doesn't exist, that it will "bounce" back an error message in the attackers email with your true email servers address. And it will send a list of host names and IP addresses back to them. The attacker can learn much about your companies IT and networking structure and plan out attacks by running whois and Nmap...along with other various methodologies of enumerating and fingerprinting / foot printing your companies network.Code:mailfb.netuse.de
Be careful in how you deal with this. But on the brighter side, this method also exposes the attackers IP address assuming that they aren't using anonymous proxy chains and etc.
In that email...there should be an originating IP address if you look at its headers.
Hope this info helps.