I have the same problem as the OP in that I am no longer a VM subscriber and would like to delete my old email account. I received a nasty email on the account and, as I don't use it, decided I want to close it down. Unfortunately my VM site login no longer works.
Thanks for getting back to me. I went onto the haveibeenpwned site and there are 5 databases that contain my old blueyonder email address that have been hacked so I guess that's why malicious emails. I have a hotmail account with similar issues. There is the chance that some of the breached databases contain password info, which is worrying. I do reuse some passwords for site logins but because I don't know which sites used the hacked database I just have to change them all. My blueyonder address is has also being used for email spoofing.
One of the hacked databases was run by Adobe and they are the only company responsible enough to give me a warning about the breach. It happened some time ago and I went through the whole password reset thing then.
Anyway, it may be old news around here, but I hope the haveibeenpwned site proves useful to some of the folk on this forum. You can use it along with mailtester to get an idea of the threat. Closing down an email account won't stop your address from being used for spoofing but at least you won't be inundated with email bounces and irate replies, and people affected will get a bounce and realise you are a not the source. What closing the email account does do is remove an avenue of malicious attack.