Email “Delivery Failure” Messages
This article was originally written for ArrowQuick Solutions, a technology consultancy for small businesses.
This may have happened to you: You’re reviewing your new email, and you see a bunch of messages from strange names like “Mailer Daemon”:
"Mail Delivery System" <Mailer-Daemon [at] example [dot] com> Date: Mon, 10 Mar 2008 04:44:24 -0600 To: <you [at] youraddress [dot] com> Subject: failure notice This message was created automatically by mail delivery software. A message that you sent has not yet been delivered to one or more of its recipients after more than 24 hours on the queue on mail.example.com. The message identifier is: 1JYIJ1-0008Ew-JK The date of the message is: 10 Mar 2008 10:02:56 +010 The subject of the message is: Buy Viagra The address to which the message has not yet been delivered is: some-unfamiliar-email-address [at] example [dot] com.
You’ve received messages like this in the past when you mistyped an email address, but these emails don’t look familiar at all. What’s going on? Has your account been hijacked?
Well, no. At least, not in the traditional sense.
What’s Going On?
Although it’s possible that the account was hijacked, the more likely explanation is that a spammer is pretending to send email as you by using your email address as the “From” address. Then, when they inevitably send spam to a mailbox that no longer exists (or is full, or the email is deemed suspicious), the destination post office sends the return message (the “bounceback”) to you.
You can do the same thing with regular “snail” mail. Write your neighbor’s address in the return address field of an envelope and mail it to a nonexistent address. The post office will return the mail to your neighbor rather than you. (Note: Please don’t do this.)
You may be surprised to learn that there are no technological defenses to prevent somebody from sending emails using your email address! This is because the original creators of the Internet didn’t anticipate this kind of abuse. Now the worldwide tech community is playing a sort of catch-up game of escalating tactics with the spammers.
What To Do
Unfortunately, there’s nothing to stop someone from doing this. If the returned email is obviously not yours, then it’s best just to ignore and delete it. Usually these messages come in surges but go away fairly quickly, after the spammer moves on and uses a different email address for his next batch.
Spam filters might not catch these bounceback messages, because the messages are valid mail system messages, even if they are referring to spam.
The best way to prevent spammers from using your address in the “From” field is the same as the best way to prevent spammers from using it in the “To” field — don’t publish your email address out on the web where spam robots can harvest it and add it to their collection.
Update: One thing you can do is set up a rule in your email software to filter out these emails. Most return messages are sent from postmaster@ or mail-daemon@ addresses. Note that this will also filter out legitimate emails.