Why am I getting a bounce to an email I sent from someone I didn't send it to?

Home » EMail » Email Privacy

Summary: Often times when you send an email and there's a problem you'll get a bounce in return. If that bounce is from someone else, something might be fishy.

So you send an email to person "A" and get a bounce from person "B"?

Something's fishy, that's for sure.

If it is what you think it is, then his boss screwed up. But if that was a company email account, then he has every right to do exactly what you - and I - suspect.

•

First, quickly, the issue at hand: can an email address like "someone @ somewhere .com" be intercepted and automatically and transparently copied to another address? If you own the server that handles the email for "somewhere .com" then the answer is absolutely yes. That email can be automatically copied, logged, forwarded, scanned, analyzed ... whatever. The mail server that receives the email can do all sorts of things.

Including sending copies to your husband's boss.

Which, I agree, is exactly what this looks like.

However in this case your husband's boss - or rather his IT department - screwed up, in at least a couple of ways:

• That email should never have bounced, and certainly should never have bounced back to you. And that's for the simple and obvious reason that because of that bounce you found out that something might be going on.

• That particular approach of automatically forwarding to another inbox is error prone anyway for exactly that reason. It's a poor, though simple solution. More appropriate might be to log all incoming mail to a file. As an example, I happen to log all of my incoming email (including spam, in case I need to go back and find a false positive) on my mail server. That's in addition to downloading mail into my email client.

What most people fail to realize is that companies are allowed to monitor employees like this. When you use company equipment and services, the fact is that they can spy on you. As I've put it before, your privacy ends where your paycheck begins.

So, what can you do?

First: don't email your husband anything you wouldn't want his boss (or IT department, or anyone else for that matter) to see, especially not on that company email account.

You might think to just use a different email account (one of the free web-based services, for example), or an instant messaging service, but the problem here is that the company can frequently still monitor what's going on.

The only potential solutions that I can think of are encryption, in either of two forms:

• Having your husband use one of those web-based email services and making sure to access it only via an encrypted https connection. This is pretty easy.

• Using true encrypted email, so that even if his boss does get a copy he can't read it. Sadly encrypted email's not typically that easy to set up.

But even so as I've discussed in earlier articles, if your husband is using a work computer to read your email, then all bets are still off. The company could have installed monitoring software or spyware on the machine.

If you really don't trust the company, and it seems like you have data to say that you can't, the only real solution is to communicate via other means not owned or controlled by the company. A cell phone, perhaps with its own email and IM access, for example.

Related:

• Ask Leo! - Can my boss see my mail and instant messages?

• Ask Leo! - Can my ISP monitor my internet usage?

• Ask Leo! - Just how secure is email, anyway?

Article 12438 | Posted May 15, 2008