You’ll need to check the raw log files. They should be located in ~/logs/yourdomain.suffix/http/access.log You can then grep it for what you want, something like:
cat access.log | grep formail
should get you what you want.
A word of advice however, there really is little point of going after these people. The IP addresses will probably resolve to comprimised machines used by hackers/spammers to target their next victim. The person that owns that machine might not even know it’s comprimised or it’s probably located in a far away land somewhere.
As long as you don’t have a copy of formail then you sshould be fine. And please don’t install it if you haven’t. What you can do, if you want formail’s functionaility is to download the nms replacements, probably found on sourceforge.net or elsewhere. Or you can use Dreamhost’s own formail service found in your web panel.