Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Why Am I Getting Bounces for Email I Didn’t Send?

It’s simple, yet frustrating.

Spam

Spammers want to send email that looks like it’s coming from someone who can be trusted. They want it to look like it’s coming from you -- and you end up getting the bounce notifications.
The Best of Ask Leo!
Question: I keep getting a “cannot deliver email” message from someone I didn’t send anything to and don’t even have in my contacts list. Why is that, and what do I do?

What do you do? Nothing. There’s nothing you can do.

Why is it happening? In a word: spammers. Let’s look at what they’re up to.

Become a Patron of Ask Leo! and go ad-free!

TL;DR:

Bounces for email you didn't send

Spam often appears to have come from someone who did not send it at all. If that’s you, you may get bounce messages when that spam is identified as spam by its recipient or when it is sent to invalid email addresses. There’s nothing to be done, as it was never your doing to begin with.

Why did I get a bounce message?

Bounces for emails you didn’t send are the result of spammers trying to get people to open their spam and click on the links in the spam message.

Spammers want their email to look like it’s coming from someone the reader might trust. In other words, they want it to look like it’s coming from you. “From spoofing” allows them to do exactly that. They write messages using your email address and maybe even your name in the “From:” address. It’s easy to do, and spammers have been doing it for a long time.

If the email address the spammer sent it to belongs to a real person, they may see email that looks like it came from you. They probably have no idea who you are, and may mark it as spam.

Since spammers are simply blasting email out to huge databases of email addresses, they have no idea whether those addresses are legitimate or not. If they send email to an address that no longer exists, never existed,1 or recognizes the message as spam, it bounces automatically.

The email delivery system says, “Hey, I can’t deliver this email; I’m going to return it to the sender.” Because the sender information on the “From:” line looks like it was you, you get the bounce message.

None of this happened on your machine or your account. In fact, it had nothing to do with you other than that your email address appeared in a spammer’s database.

Steps to take

Unfortunately, there’s nothing you can do to stop it.

All you can really do is mark the bounce message as spam and let your email program handle it from there.

If random strangers complain you’re sending them spam, you can point them at this article. As I said, you weren’t involved, it’s not your fault, and there’s nothing you can do.

However, if several of your friends complain you’re sending them spam, it might be something more. Take a look at “Someone’s sending from my email address; what can I do?” That article includes a couple of quick questions to determine whether other things, such as your account being compromised, have happened.

From the sound of your scenario — getting a bounce from someone you have never heard of from some address you never sent email to — the best thing to do is mark it as spam and get on with your life.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

Podcast audio

Play

Footnotes & References

1: Often the result of a dictionary-style approach to generating email addresses to send to: tom@somerandomservice.com, dick@somerandomservice.com, harry@somerandomservice.com, and so on — whether or not those accounts actually exist.

7 comments on “Why Am I Getting Bounces for Email I Didn’t Send?”

  1. Thanks, Leo. I immediately changed my email password thinking someone had hijacked it, but your answer seems the best bet. I’m now marking it spam and getting on with my life (as you suggested). :)

    Reply
  2. Won’t it be fruitless at best to mark these emails as spam since actually the emails you are getting are not spam – they are messages from the mail system. Hopefully spam filters wouldn’t have the power to keep you from getting error messages/emails from the mail system, but it seems like a bad idea to mark these legitimate error messages/emails as spam.

    Reply
  3. I’ve been thinking about this a bit. Whenever a mail transfer agent (MTA) receives email (via ESMTP) it adds a Received-from header with the IP address of the MTA which sent the email. There can be several of these. Why can’t the receiving MTA which bounces the email first do a reverse DNS lookup on the originating IP addresses, and if they don’t match the domain of the purported sender, realize it’s a forgery and not bounce?
    Or better yet, bounce it to the originating IP address. It’s either the spammers MTA or an open relay, and well, they deserve it. Am I missing something?

    Reply
    • Sadly I don’t believe those headers can be strictly counted on — meaning that you could end up bouncing or whatever legitimate email as a result. (PS you can’t bounce “to” an IP address. You can only bounce to an EMAIL address, and they’re rarely related in spam.)

      Reply
  4. I too was getting “cannot deliver email” messages to someone I didn’t send anything to and don’t even have in my contacts list. It turned out that in my email account I was allowing “Mail Forwarding”. In there was an email account that was no longer in use. So I must have been unknowingly sending mail to that account for who knows how long. Once that account was no longer valid, I would get the ‘cannot deliver’ notice. I reset the mail forwarding feature to NO and removed the phony email address. I checked my other email accounts and found the same issue in one other account. We are apparently sending copies of our emails to hackers without knowing it. I would suggest that everyone check their Mail Forwarding feature.

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.