On Mon 12 Oct 2015 at 10:43:42 -0400, Stephen Powell wrote: > About a week ago, I discovered hundreds of "mail delivery failure" > messages in my inbox. Investigation revealed that they were all for > SPAM e-mails that I did not send. I am guessing that this means one > of two things: > > (1) Someone discovered my password somehow, logged into my ISP > account as me, and sent out a bunch of SPAM.
I tend to think passwords (except the very simplest or guessable ones) are not "discovered" but handed over. > Or > > (2) Someone sent out a bunch of SPAM, spoofing my e-mail address > as the sender, and the delivery failures came to me. > > How can I tell which is the case, and if it's (2), is there anything > I can do to defend myself against this sort of thing in the future? Mails composed with Mutt which leave this machine have the not very imaginative header "X-Backscatter: 123456789" in them. If one of them is rejected the bounce message usually has all the headers of the original mail in its body. A bounce message can be searched for the presence or otherwise of the X- header and dealt with accordingly. Maybe SpamAssassin in conjunction with Zimbra is worth a look.
