For what it's worth, your Joomla probably wasn't compromised by an
external attacker. There was a bug (which we've since fixed) which left
a stray e-mail to a non-existent address in the outgoing mail queue. The
postfix server on your appliance tried sending that e-mail over and over
again and Amazon's network monitoring system triggers on a hairpin with
anything to do with e-mail.
Not an attacker, just a bug + paranoid Amazon monitor...
For what it's worth, your Joomla probably wasn't compromised by an external attacker. There was a bug (which we've since fixed) which left a stray e-mail to a non-existent address in the outgoing mail queue. The postfix server on your appliance tried sending that e-mail over and over again and Amazon's network monitoring system triggers on a hairpin with anything to do with e-mail.