I believe one of our users Email address has been spoofed because he is receiving non-deliverable messages of mails he hasn't sent or doesn't exist in his mailboxes "sent items". Although annoying I think that's pretty harmless.
However what feels alarming to me is that our messaging gateway shows the attempt to send such messages and I can even find them using Exchange 2010 Server tool Message Tracking.
What's common to these mails is that at the start of the subject line it says "Unread:" (or not read, I don't know the term in english because we have different locale) before the actual heading.
Should I be alarmed about this or is this expected behavior when someone receives NDR reports of emails that they have not sent.