Email Forward receives "Did not Deliver" notification?

0

We have an email forward info@example.org that goes to a client's personal email address which is not on that server or domain. The client received a "did not deliver" notification addressed to info@example.org, and they said they were not the ones that sent this email that was never delivered. Here is the content of the notification email:

This message was created automatically by mail delivery software.
A message that you sent has not yet been delivered to one or more of its
recipients after more than 720 hours on the queue on otherserver.com.

The message identifier is:     1VAhiC-0003UW-KY
The subject of the message is: How to Get Skinny
The date of the message is:    Sat, 17 Aug 2013 11:34:15 -0200

The address to which the message has not yet been delivered is:

  save to /home/izs/imap/otherserver/info/Maildir/.INBOX.spam/new/
    generated by info@otherserver.com

No action is required on your part. Delivery attempts will continue for
some time, and this warning may be repeated at intervals if the message
remains undelivered. Eventually the mail delivery software will give up,
and when that happens, the message will be returned to you.

We're not associated with otherdomain.com. As far as I know, it's impossible for info@example.org to send this email because it's only a forward.

Can someone please explain to me how this may have happened, and ways to fix it?

We're using shared hosting on Bluehost if that's relevant.

ITS Alaska

Posted 2013-09-20T21:13:42.923

Reputation: 103

My two cents are that the e-mail server tries to send an e-mail to an address that it can't find. As such, the server send you that message, to notify you of Failure to Send. – Doktoro Reichard – 2013-09-20T21:23:43.137

@DoktoroReichard But what would cause the server to send the notification to this forward if it clearly didn't send the message in the first place? Is it possible that the email was sent from another email address, but the From address was info@example.org? – ITS Alaska – 2013-09-20T21:28:05.420

Answers

1

It's called 'spoofing' and, because of the way that email works, it's as easy as typing in a different email address and *poof!* I or anyone else can send email as info@example.org. There is no access required to the account or server that handles the mail for the domain.

The receiving server doesn't necessarily know the address is spoofed, so when an undeliverable message needs to be bounced back it sends it to the address it supposedly came from.

If you want to prevent spoofing you can put in place an SPF record in your DNS which defines what servers [if any] are permitted to send mail for your domain. Receiving servers can [but are not required to] use SPF records to verify the validity of an incoming message.

Sammitch

Posted 2013-09-20T21:13:42.923

Reputation: 1 039

Asked: 2013-09-20T21:13:42.923

Viewed: 95 times

Active: 2013-09-20T22:19:05.650