Receiving Suspicious emails

I am receiving many ‘failed delivery’ notices for messages I have never sent. They are sent from [email protected] and all have different send-to addresses. These suspicious-looking messages are then “returned” to me. I always delete them as soon as possible but I am constantly receiving them. I have tried blacklisting the sender’s domain and email but the sender is different every time so this doesn’t work. How can I stop receiving these???

Just treat them as spam messages, there is nothing you can do. I used to get a lot of these and after a few months they stopped.

A spammer can put whatever they want in the From or Sender headers, or both. They are not used to send an e-mail. In fact, the To, CC, and BCC headers may not point at the actual recipients if the spammer’s client ignores the content of those fields and instead issues RCPT TO commands to the server specifying who the recipients are.

If a spammer uses your e-mail address in their From or Sender header, a mail server that fails to send the spam may report the NDR (Non-Delivery Report) to you, who were never involved in sending the message. That happens if a sending mail server batches up its sends to connect sometime later to the receiving mail server. This is bad practice since it means the sending server no longer has the envelope or a current connection to the sender’s server. During a mail session, the server knows who connected to it. In a later batch operation, the sender is no longer connected, so the server only has the From, Sender, or other headers to use to send an NDR - but the spammer could’ve specified anything in those fields. Spammers hide, so the headers won’t point back to them.

Those NDRs or bounces are due to a spammer falsifying their sender tracking headers, and lots of mail servers do not verify that the sender identified in a message by its headers matches the account through which the message gets sent. Some do as an anti-spam measure on outbound mails (sender must correctly identify the account through which they send), but most don’t.

This is also why the challenge-response (CR) scheme generates spam. Users of CR send received spam messages to the sender of the spam. However, again, the spammer can specify whatever they want in the client-side headers for sender identity. The automatic CR replies (asking the sender to verify they sent a message) hit innocents never involved in the mailing. I treat such CR requests trying to get me to clean up someone else’s Inbox as spam, and report them to Spamhaus, Spamcop, and their sending mail provider.

1 Like
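An added example, not part of the thread: one way to triage such NDRs is to read the returned headers inside the delivery report and check the original Message-ID against a record of mail you really sent. The function names, the `sent_ids` record and the sample report are constructed for illustration, and the check only works when the bouncing server includes the returned headers.

```python
import email

# Constructed sample: an RFC 3464 delivery report carrying the returned headers.
NDR_TEMPLATE = """\
From: MAILER-DAEMON@mx.example.net
To: me@example.org
Subject: Undelivered Mail Returned to Sender
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

Delivery to nobody@example.com failed.

--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mx.example.net

Final-Recipient: rfc822; nobody@example.com
Action: failed
Status: 5.1.1

--b1
Content-Type: text/rfc822-headers

From: me@example.org
To: nobody@example.com
Message-ID: {message_id}
Subject: hello

--b1--
"""

def returned_headers(ndr):
    """Return the headers of the message the NDR claims we sent, or None."""
    for part in ndr.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":        # full original message attached
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":   # only the original headers attached
            return email.message_from_string(part.get_payload())
    return None

def classify_bounce(raw, sent_ids):
    """sent_ids: Message-IDs we really sent (assumed local record)."""
    ndr = email.message_from_string(raw)
    if ndr.get_content_type() != "multipart/report":
        return "not-a-dsn"
    original = returned_headers(ndr)
    mid = (original.get("Message-ID") or "").strip() if original is not None else ""
    if not mid:
        return "unverifiable"
    return "genuine-bounce" if mid in sent_ids else "backscatter"
```

A report classified as `backscatter` refers to a message that never left your account, which matches the forged-header case described in the post above.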

Thanks for your reply. As you suggest, I have categorised them as SPAM on the Plusnet Webmail page, but all this does is put them into the Junk box, which I was doing anyway. There don’t appear to be any further consequences of the Spam classification. Since posting my original message I’ve received around a dozen more and all appear to come from Hungary. I wonder if there is a way to blacklist the country?

Thanks for your most comprehensive explanation. The only possible action from your reply appears to be to report the sender(s) to ‘Spamcop’ (who I had never heard of) so will have to think about this. I’ve never opened any of the links contained in these messages so perhaps they will eventually get bored and stop, as suggested by another responder. Thanks again.