I have received several email bounce messages from “Mailer-Daemon” saying that a message which I sent to a particular email address has not been delivered. However, I have never sent an email to that particular address! Has someone hacked into my email account and sending messages? My computer is running Windows Vista Premium and McAfee Security Center.

The messages which are you receiving are known as “backscatter” (also known as collateral spam). The reason this occurs is because a party who is sending email spam has acquired your email address. They are then placing their email address in the “From” field for the spam messages which they are sending. The way that the internet email protocol works allows anyone to put any email address as the “From” field for messages which they send. For example, I could send an email with your email address as the sender in the “From” field by simply reconfiguring my email client with your email address. This does not mean that the spammer has hacked (or more correctly, cracked) their way into your email account, as they cannot access your email account. To put it basically, they are sending emails and saying that they are from you (much like someone making a phone call and saying that they are you – they don’t have access to your phone line, they are simply saying they are you).

So, we have established that someone can change the sender (From) field in an email which they send across the internet and place your email address as the sender. When spammers send messages they literally transmit messages to thousands upon thousands of email addresses. Quite a few of these email addresses are invalid or otherwise undeliverable. When the email cannot be delivered the receiving server sends a bounce message informing the sender their email was not received. As your email address is listed as the sender, you are receiving these bounce back messages.

Unfortunately there is nothing you can do to stop this from happening except mitigate the inconvenience of receiving the bounce messages by perhaps setting up a filter in your email client to automatically delete bounce messages (e.g. any messages which have “Mail delivery failure” in the subject line). However, be aware that doing this will also cause legitimate email bounces (in response to you sending an email to an invalid address) to also be deleted. That said, this should be a relatively infrequent occurrence so hopefully it should not cause a major inconvenience.

Rest assured that backscatter is not an indication that your email account has been compromised. For more information on this have a look at: en.wikipedia.org/wiki/Backscatter_(e-mail).