There are a number of reasons why you could be receiving undeliverable mail that supposedly came from your email account.
Backscatter
Backscatter is the name given to messages that are generated when a spammer or worm (worm=computer infected with a spambot virus) uses your mail address in the From: line of their messages. If the spam message can't be delivered for any reason, the receiving host will send back a non-delivery report or bounce, to your address because it was in the From: line. Legitimate bounces come back to you when you enter a recipients address wrong or their mailbox is full but if you're getting bounces from messages you didn't send then you're seeing backscatter. These bounces from mail servers, usually have a subject of "Delivery notification: delivery has failed", "Returned Mail: see transcript", "failure notice", "Mail Delivery Failed", "UNDELIVERABLE" or "Undelivered" etc. The messages typically originate from "MAILER-DAEMON", "postmaster","Mail delivery subsystem", etc. If a spammer sends a large number of messages, you may receive literally hundreds or thousands of 'bounces'.
What can you do?
The bad news is, you can't stop spammers from forging your email address or spambots from using it either. Compounding the issue, until the mail servers that create backscatter by bouncing SPAM are configured not to do so, the backscatter problem will continue.
The good news is that in *most* cases once the spammer's SPAM run has completed, the backscatter will soon cease as well. The problem you are having with backscatter may periodically repeat as a result of spammer's actions.
One action you can take is to configure a rule in webmail to delete or move bounce-type messages to a special folder. You will need to keep in mind that legitimate bounces are also subject to your rule's actions. With that in mind you will want to disable the rule once the backscatter subsides.
Why was my email address chosen?
Your email address could have been chosen randomly, or it was harvested off a web page, or off the contact list of a virus infected computer whether it's yours or someone you know. Sometimes they are harvested by computerized methods of 'pinging' a mail server to see if a user account is known and able to receive email. By the very nature of email, email servers must remain open to the extent that they need to receive messages that they don't know are coming, nor who they are coming from.
What can I do?
Best practices for safety are;
- Always run a quality anti-virus software on your home computers and keep it up to date.
- Always connect to your email through a secure connection, otherwise your password is transmitted in plain text, which is easy to grab, especially in public wifis.
- Always use a secure password of at least 8 characters in length. Use a random password generator such as http://passwordsgenerator.net or http://www.pctools.com/guides/password/%20/ to create your password. Remember, what is easy for you, is easy to break for a hacker.
- Never use the same password in more than one place. Use a new password everywhere, and then use a good password manager to store them so you can look them up. We use http://www.splashdata.com/splashid/.
Star Web Management
www.starwebmanagement.com
