It's called NDR (Non Delivery Receipt) Spam or backscatter. Have you ever received a message in your inbox saying that something you sent was undeliverable or bounced? Spammers are now using this courtesy response to get their information in your inbox. They send e-mails to addresses that do not exist, and say that it is from you. Or they use your e-mail address as the sender for their entire, enormous mailing list. Then when any messages bounce back they are sent to your e-mail address. This is possible simply because email servers cannot authenticate that the person sending the message is in fact the owner of the address being used.

How would a spammer get these e-mail addresses? It is not unusual for a company or person to post a contact e-mail address on a company or personal website. Spammers can collect these, and use them as their own address for their enormous mailing lists, thereby eliminating the need them to deal with the inevitable 'Return To Sender' NDR e-mails.

This type of spam can be quite dangerous. Because technically the message is coming from the reader's own mail server, the chances of them opening it, and anything that might be attached, is much higher then with your typical spam. And for the exact same reasons it is considered much more insidious as well because it's much harder for a spam blocker to filter out. The most likely outcome of NDR spam is that a single domain will be spoofed as the sender of a spam message, and then be inundated by NDR messages from the long list that the message was sent to, overwhelming a company's exchange server. At its simplest it can overwhelm an exchange server, and force a user to waste time sorting through their inbox.

Little can be done by an individual to eliminate this type of spam, but an internal IT manager can turn off the option to have NDR messages produced at the mail sever. Spam filters can also be put in place to delete any messages that contain frequently used spam content, or subject-line only messages with no content. This can make it a little more difficult for users to send and receive their e-mail, but if they are made aware of the restrictions necessary to maintain optimum operations, problems can often be avoided.

In general this type of spam causes a significant nuisance to users and system administrators, but as with other types of spam, the technology is even now being developed and implemented to put another road block in the way of backscatter.