Fallout From Forged Email Addresses Causing Confusion

In the last few weeks, we have received many HelpSU requests from the campus community similar to the following:

"I wanted to let you know that my e-mail address xxxxx@leland.stanford.edu has been compromised and SPAM is being sent from this address to other e-mail accounts. I only realized this because my inbox is now clogged with system administrator e-mails noticing to me the failure to deliver messages that I haven't written."

Has my account been compromised?

This is most likely *not* a case of a compromised account (SUNet ID and password), but rather of a forged (or "spoofed") @stanford email address used from outside campus by a spammer. On the occasions when a Stanford user's account has been compromised, the IT Services email team is quickly made aware of it via the monitoring tools they have in place, and the account is temporarily disabled while we contact the user and assist them with changing their SUNet ID password.

How can spammers spoof our @stanford addresses?

Spammers can set up the servers they use to send outbound email (which are often infected PCs located all around the world) to allow them to forge any "From" address they choose. So they can send email with a From address of "xxxxx@leland.stanford.edu" through their own outbound email server, and Stanford has no ability to stop that. And they don't need your password to send that email.

When the anti-spam system of the recipient of that email detects the forged email as spam, the bounce comes back to the real xxxx@stanford.edu account. It is those bounces which are causing confusion, as Stanford users are naturally worried about the security of their own email account.
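A bounce that returns the original message can be checked for where that message really entered the mail system. The sketch below is an added example, not part of the original notice or an IT Services tool: it reads the top-most Received line of the returned message, which the bouncing server wrote itself, and compares the recorded client IP with a list of the organization's outbound relays. `ORG_OUTBOUND_NETS` is a placeholder range, the sample bounce is constructed, and the bracketed-IP Received format is assumed (it is common but not universal).

```python
import email
import ipaddress
import re
from email import policy

# Assumption: placeholder range standing in for your organization's outbound relays.
ORG_OUTBOUND_NETS = [ipaddress.ip_network("192.0.2.0/24")]

# Constructed bounce: hosts and IPs are made up; the HELO name is forged on purpose.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.recipient.example
To: xxxxx@leland.stanford.edu
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

Message rejected as spam.
--b1
Content-Type: message/rfc822

Received: from leland.stanford.edu (unknown [203.0.113.45])
    by mx.recipient.example; Mon, 1 Jan 2007 10:00:00 -0800
From: xxxxx@leland.stanford.edu

buy now
--b1--
"""

def handoff_ip(bounce_text):
    """IP the bouncing server recorded as the sender of the returned message."""
    msg = email.message_from_string(bounce_text, policy=policy.default)
    for part in msg.walk():
        if part.get_content_type() != "message/rfc822":
            continue
        received = part.get_payload(0).get_all("Received", [])
        # Only the top-most Received line was written by the bouncing server;
        # lower ones, and the HELO name, are under the sender's control.
        m = re.search(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]", str(received[0]) if received else "")
        try:
            return ipaddress.ip_address(m.group(1)) if m else None
        except ValueError:
            return None

def classify(bounce_text):
    ip = handoff_ip(bounce_text)
    if ip is None:
        return "unknown"
    return "sent-through-org" if any(ip in n for n in ORG_OUTBOUND_NETS) else "forged-elsewhere"
```

For the sample, `classify(SAMPLE_BOUNCE)` returns `forged-elsewhere` even though the HELO name claims a stanford.edu host, because the recorded IP is outside the placeholder relay range.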

Here's a pointer to a Wikipedia entry which describes the frustrating problem of email spoofing in more detail.

What can Stanford do about these spoofed email addresses?

Unfortunately, Stanford can do nothing to prevent spammers from fraudulently invoking @stanford email addresses to send their spam, and the various anti-virus/anti-malware software products that flag such spam are generating the bounce messages back to these legitimate Stanford addresses. We apologize for this intrusion into your already busy email lives. IT Services will continue to look for technological solutions to this vexing problem.
