My e-mail account, for my privately run business which I'll call "VeryCoolCompany", is starting to receive bounce-backs for users who don't exist, like these:


In short, somebody is sending e-mails which pretend to be from my company.

No, they are not using my servers to do this. To be precise, my business e-mail is actually a g-mail account in disguise; it is rigged up to my company domain name.

Nevertheless, if there is something I can or should do about this - I'd like to know. For example, does it make sense to contact google? If so, then how? Or do I need to just suck-up and ignore the potential fallout from this?

Brent Arias
  • 227
  • 3
  • 12

3 Answers3


Congratulations, you've just received your first backscatter spam.

Unfortunately, the root cause of backscatter spam is badly configured mail servers which accept a message before determining that it's undeliverable and then attempt to return it to the "From:" address, which is obviously fake.

If there aren't a lot of them, you can forward them to postmaster @ the domain of the mail server from which you received the message, to report the problem. This relies on the hope that someone at the other side has a clue. (I actually did this today for two backscatter messages. For one, the mail to postmaster bounced, and I reported that to rfc-ignorant.org. That was somebody's Exchange server in Kenya...no surprise there.)

One thing you can definitely do is to stop using a catch-all email address, and only set up the specific addresses you need.

Michael Hampton
  • 237,123
  • 42
  • 477
  • 940

Nevertheless, if there is something I can or should do about this - I'd like to know

Unfortunately, there isn't. You are at the mercy of the providers receiving the email to know it's 'complete' spam and discard it without issuing a bounce (which is not very likely).

If you haven't already setup SPF records, you should consider doing so. This will reduce your overall risk by making the spam more easily identifiable.

  • 6,439
  • 24
  • 34

Great advice from Jay and Michael Hampton. Just thought I would add that you want to check the SMTP headers to see where the NDR (non delivery report) is actually being generated.

If the emails are being generated by your (gmail) server, then it is likely it is initially accepting emails for any user @verycoolcompany.com then when it realises it cannot deliver them it then generates an NDR to the sender as well as to your account depending on configuration. This is dangerous as if the sender is spoofed, then you will actually be sending spam in the form of backscatter to the spoofed sender which could get you blacklisted.

If however the NDR is being generated by a server not under your control, you can inform postmaster@xxxx.xxx as mentioned, or if it is coming from the same ip address (or same subnet or just a few ip's), you could blacklist that ip and give details to the anti-spam DNSBL providers if you wish.

Robin Gill
  • 2,503
  • 13
  • 13