Support: Questions and Answers Detail
Q: Why do I get bounced, undeliverable messages and attachments for email that I never sent?
A:
Spam and viruses: forged addresses
The address from which spam and virus messages are sent is almost never what appears in the "From" line of the message header. Usually the "from" address is invalid, non-existent, but sometimes the message appears to come from a real address. This can be an embarrassment to the real owner of the address, and can also confuse the recipient. If your address is used in a forged "From" line, you may well receive confusing error messages (as described in the second section of this note).
Common hoaxes
Common hoaxes include:
Messages that appear to come from a bank which ask you to go to a phoney web-site and enter confidential information.
Messages which seem to come from Microsoft technical support, suggesting you should open an attached "update" file, which in fact contains a virus
In all the above cases, a forged "From" address helps to put you off your guard.
The examples listed above are just examples. New hoaxes are appearing all the time, so you should be on your guard against anything like the examples given here. Never divulge confidential details or click on links or open files, unless you know that the message you are responding to is genuine.
The possibility of forged addresses also means that you should take care before accusing someone of sending spam. The "From" line in the message header is NO evidence as to where the message comes from.
To tell where a message comes from you need to display and interpret the full headers.
The majority of spam messages have completely spurious and random "From" addresses which vary from message to message. For this reason filters which rely on the "From" header are unlikely to be effective.
Spurious error messages
It may happen that a spam message or virus is sent out using your address as the "sender". You should not worry about this possibility. It is now widely known that the "From" line in the mail header cannot be relied upon, so you will not be held responsible for spam or viruses that have your address as the sender.
However some spurious error messages may well be sent to you as a result of spam or viruses which appear to have been sent by you. For example the error message reporting that a message has not been delivered is usually sent to the address that appears in the "From" line. The same is true of messages that are automatically sent by mailscanning software when a virus is detected: often this will be sent to the address in the "From" line.
As a result, if your address has been used in spam or virus messages you may well find yourself receiving a number of error messages relating to emails which you know full well are nothing to do with you. In some cases the number of such spurious error messages can be quite large.
If you receive these spurious error messages you should not worry. If the only indication of anything wrong is that you have received spurious error messages, then you should take no action. Just delete the error message and forget about it.
