This normally happens when a mail server is configured to relay a message to an after-queue processing step, for example, an antivirus scan or spam check, which then fails, and at the time the antivirus scan or spam check is done, the client already has disconnected.
In those cases, it is normally not possible to reject the SMTP transaction, since a client would time out while waiting for the antivirus scan or spam check to finish.
If they accept the email during the connection phases and then, after further checking, refuse it (e.g., software determines the message is likely spam), they will use the (potentially forged) sender's address to attempt a good-faith effort to report the problem to the apparent sender.
Mail servers can handle undeliverable messages in four fundamentally different ways: Backscatter occurs when the "bounce" method is used, and the sender information on the incoming email was that of an unrelated third party.
Mail servers sending email bounce messages can use a range of measures to judge whether a return address has been forged.