Skip to main content

I got a bounce back warning for a message I never sent

Sometimes you will receive an automatic email message saying you have been unable to send a message to an account. In some cases this bounce back comes despite your never having deliberately tried to send such a message. An example bounce back message is given below.


>>> <Mailer-Daemon@mail.wbs.warwick.ac.uk> 8/7/2008 9:19 AM >>>

The message that you sent was undeliverable to the following:

fm99ksnzepm@wbs.warwick.ac.uk (user not found)


This page is intended to explain why you receive such messages.

Imagine the following scenario…

You have a contact called John. Perhaps he is a colleague, a business contact or a student. Unlike you, John is not so careful about which attachments he opens and this morning he opened one that contained a virus. His computer is now infected.



Once the virus has infected John’s computer it starts searching that machine for email addresses. The virus is not able to access the GroupWise address book as it is encrypted but it can search for email addresses within files.


As John is a contact of yours the virus will likely find your email address on his computer.

Once the virus has stolen some email addresses from John’s machine it starts to try to send virus-infected or spam emails to those addresses. The clever part is that the virus also uses these email addresses in the ‘From’ section of the email. Hence John’s virus-infected computer is now sending out infected emails with your name as the sender.



These infected emails are sent to any other email address known to the spammer. In addition spammers will try to guess email address and send messages to those as well. To the spammer there is no marginal cost in sending spam as they are using someone else’s computer.

When the spammer (using John’s computer) sends a message to an account that does not exist the receiving server sends back a ‘User not found’ message. Hence you receive the curious bounce back message despite never having sent an email.



What can you do about this?

Unfortunately there is not much you can do about the warning messages being sent to you except delete them.

The fundamental problem is with the email protocol. This was created when the Internet was much smaller and was only used by government officials or scientists. A number of organisations are looking at more secure email protocols (e.g. Microsoft and Google) but no final decisions have been taken.