There are publicly available username/password lists from hacked websites. Since many of them require email addresses, you could write some code to extract them into a separate file. You could also write code that combines dictionary words with common email providers, any that bounce could be deleted. You can also buy lists from the dark web. As far as sending the mails, you would have an email server running, and you’d spoof the from address.