I received a bounced message for an email that I did not send. OR I received a complaint from someone saying I sent a virus, but I didn't send the email. What is going on?
Internet email messages can be forged. The email sender can set their “From:” header in their email messages. This allows Interenet abusers to fake the identity of the sender. This type of identiy disguising is also possible through the SMTP protocol, where during the email message communication, Internet abusers can provide any email address in the “MAIL FROM:” section of the message delivery.
As a result, spammers are known to use random email addresses in these fields to mask to their identity. They also are known to harvest valid email addresses and use them in these fields to disguise the real origin of the messages. Spammers can harvest email addresses from spidering websites, spidering forums, and with viruses which can harvest an infected computer's contact lists. This is particularly annoying as the emails appear to be legitimate, and can bypass many anti-spam measures used today with a valid email address.Because of these shortcomings in SMTP and email message sender authentication, there is little that can be done to prevent this type of abuse.
If the messages are being directed to your inbox via email addresses that do not exist, they are being sent to your inbox due to the catchall email address configuration. We recommend that you disable the catchall configuration so that these email messages do not invade your inbox. These email messages will bounce, letting other mail servers know these are not valid email addresses.
If the messages are coming directly to your inbox because from a forwarding email address or directly to your pop account email address, there is nothing we can do to prevent them from being sent there. We recommend that you consider changing your email address if that is feasible for you.