Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Why Am I Getting Bounces for Email I Didn’t Send?

I keep getting the “cannot deliver email” message from someone I didn’t send anything to or don’t even have in my contacts list. Why is that and what do I do?

What do you do? Nothing. There’s nothing you can do.

Why is it happening? In a word: spammers. Let’s look at what they’re up to.

Become a Patron of Ask Leo! and go ad-free!

Spam often appears to have come from someone who did not send it at all. If that’s you, then you may get bounce messages when that spam is identified as spam by its recipient, or when it was sent to invalid email addresses. There’s nothing to be done, as it was never your doing to begin with.

Why did I get a bounce message?

Spam Bounces for emails you didn’t send are the result of spammers trying to get people to open their spam and click on the links in the spam message.

Spammers want their email to look like it’s coming from someone who might be trusted. In other words, they want it to look like it’s coming from you. “From spoofing” allows them to do exactly that. They write messages using your email address, and maybe even your name in the “From:” address. It’s easy to do, and spammers have been doing it for a long time.

If the email address the spammer sent it to belongs to a real person, they may see email looking like it came from you. They probably have no idea who you are, and perhaps mark it as spam.

Since spammers are simply blasting email out to huge databases of email addresses, they have no idea whether those addresses are legitimate or not. If they send email to an address that no longer exists, never existed,1 or recognizes the message as spam, it bounces automatically.

The email delivery system says, “Hey, I can’t deliver this email; I’m going to return it to the sender.”  Because the sender information on the “From:” line looks like it was you, you get the bounce message.

None of this happened on your machine or your account. In fact, it had nothing to do with you, other than your email address appearing in a spammer’s database.

Steps to take

Unfortunately, there’s nothing you can do to stop it.

All you can really do is mark them as spam and let your email program handle it from there.

If random strangers complain you’re sending them spam, you can point them at this article. As I said, you weren’t involved, it’s not your fault, and there’s nothing you can do.

However, if several of your friends complain you’re sending them spam, it might be something more. Take a look at “Someone’s sending from my email address; what can I do?” That article includes a couple of quick questions to determine whether other things, such as your account being compromised, have happened.

From the sound of your scenario — getting a bounce from someone you have never heard of from some address that you never sent email to — the best thing to do is mark it as spam and get on with your life.

If you found this article helpful, I'm sure you'll also love Confident Computing! My weekly email newsletter is full of articles that help you solve problems, stay safe, and give you more confidence with technology. Subscribe now and I'll see you there soon,

Leo

Podcast audio

Play

Footnotes & References

1: Often the result of a dictionary-style approach to generating email addresses to send to: tom@somerandomservice.com, dick@somerandomservice.com, harry@somerandomservice.com, and so on — whether or not those accounts actually exist.

5 comments on “Why Am I Getting Bounces for Email I Didn’t Send?”

  1. Thanks, Leo. I immediately changed my email password thinking someone had hijacked it, but your answer seems the best bet. I’m now marking it spam and getting on with my life (as you suggested). 🙂

    Reply
  2. Won’t it be fruitless at best to mark these emails as spam since actually the emails you are getting are not spam – they are messages from the mail system. Hopefully spam filters wouldn’t have the power to keep you from getting error messages/emails from the mail system, but it seems like a bad idea to mark these legitimate error messages/emails as spam.

    Reply
  3. I’ve been thinking about this a bit. Whenever a mail transfer agent (MTA) receives email (via ESMTP) it adds a Received-from header with the IP address of the MTA which sent the email. There can be several of these. Why can’t the receiving MTA which bounces the email first do a reverse DNS lookup on the originating IP addresses, and if they don’t match the domain of the purported sender, realize it’s a forgery and not bounce?
    Or better yet, bounce it to the originating IP address. It’s either the spammers MTA or an open relay, and well, they deserve it. Am I missing something?

    Reply
    • Sadly I don’t believe those headers can be strictly counted on — meaning that you could end up bouncing or whatever legitimate email as a result. (PS you can’t bounce “to” an IP address. You can only bounce to an EMAIL address, and they’re rarely related in spam.)

      Reply
  4. GOOD STUFF LEO, KEEP IT COMING… YOUR INPUT HELP’S IN KEEPING PEOPLE
    OUTTA TRBL ON THE “WILD WEB” WHERE ALL MANNER OF DIRTBAG’S
    ABOUND…

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.