
There is nothing you can do to prevent people from forging your email address (although SPF record checks can help recipients determine that they were forged). Forging the sender's email address for an email message is as simple as changing the "from address" in your email sending program, and anyone can do this.
Only the person or computer that sent the email message knows for sure why email addresses at your domain are being forged, but it is common for spammers and email-borne viruses to forge the SMTP MAIL FROM address for email messages that they generate. If a spammer or virus forged one of your email addresses and the email that they sent was undeliverable, you may get the bounce (Delivery Status Report or DSR).
There are two theories on why they do this:
1. A forged email address is used because a message requires a valid MAIL FROM address in order to be accepted by the recipient, and the virus/spammer:
- Doesn't have a valid email address
- Wants to remain anonymous
- Doesn't want to receive the large number of bounces from invalid recipient email addresses
- Wants to send their bounce messages to an enemy just to annoy them
2. To gain trust, the MAIL FROM address might be forged:
- To appear from the postmaster at your domain
- To appear from someone else at your domain
- To appear from someone with whom you do business
You typically don't want to block these bounce messages, as it is important to know that someone is forging your email address.
If you are being inundated with bounce messages because a spammer or virus is using your email address to send many undeliverable email messages, you may opt to temporarily DELETE all messages from a null sender (Custom Content Filter where From Equals <>). Make sure to disable this blocking when things quiet down; otherwise you won't receive any bounce messages for relayed emails that you send that cannot be delivered.
Additionally, many of the forged email addresses at your domain may not even exist. It is recommended that you disable any catchall email alias that forwards email for all non-existent email addresses at your domain to your inbox, or use the Mailboxes feature to reject DSR messages sent to invalid email addresses.
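The blanket null-sender filter above also discards bounces for mail you really sent. The following added example (not part of the original article or of any mail server product) goes a step further and sorts null-sender messages by whether the recipient mailbox exists and whether the DSR returns a Message-ID that you actually sent. The mailbox list, the sent Message-ID set and the sample DSR are constructed assumptions.

```python
import email
from email import policy

# Assumed local data (hypothetical): real mailboxes at the domain, and the
# Message-IDs of mail this server actually relayed (e.g. from outbound logs).
VALID_MAILBOXES = {"alice@example.com"}
SENT_MESSAGE_IDS = {"<20240101.1234@mail.example.com>"}

def sample_dsr(message_id):
    """Constructed bounce (DSR) that returns the original message headers."""
    return (
        "From: MAILER-DAEMON@mx.remote.example\n"
        "To: alice@example.com\n"
        "Subject: Undeliverable mail\n"
        "MIME-Version: 1.0\n"
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"\n'
        "\n--b1\nContent-Type: text/plain\n\nDelivery to nobody@remote.example failed.\n"
        "\n--b1\nContent-Type: message/delivery-status\n\n"
        "Reporting-MTA: dns; mx.remote.example\n\n"
        "Final-Recipient: rfc822; nobody@remote.example\nAction: failed\nStatus: 5.1.1\n"
        "\n--b1\nContent-Type: text/rfc822-headers\n\n"
        f"From: alice@example.com\nTo: nobody@remote.example\nMessage-ID: {message_id}\n"
        "\n--b1--\n"
    )

def original_message_id(msg):
    """Message-ID of the mail the DSR says was undeliverable, or None."""
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype == "text/rfc822-headers":      # headers-only copy of the original
            original = email.message_from_string(part.get_content())
        elif ctype == "message/rfc822":         # full copy of the original
            original = part.get_payload(0)
        else:
            continue
        value = original["Message-ID"]
        return str(value).strip() if value else None
    return None

def triage(envelope_from, envelope_to, raw_message):
    """Classify one inbound message by envelope sender and DSR contents."""
    if envelope_from != "<>":
        return "not-a-bounce"       # ordinary mail, normal filtering applies
    if envelope_to.lower() not in VALID_MAILBOXES:
        return "reject"             # DSR for an address that does not exist
    msg = email.message_from_string(raw_message, policy=policy.default)
    if original_message_id(msg) in SENT_MESSAGE_IDS:
        return "deliver"            # real bounce for mail we sent
    return "forged"                 # no record of sending it: forged sender
```

Messages classified as "forged" are the ones worth counting rather than reading, since a spike in them shows that your address is being used as a forged sender.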