In order to retrieve email you should use secure IMAP (IMAPs) on port 993. The IMAPs server is picton.eecg.toronto.edu.
For sending EECG email, you also need to set picton.eecg.toronto.edu as the SMTP server, but it only allows external connections with authentication and encryption. Use port 465, which allows only auth + "smtp-over-ssl", smtps, connections (smtps nowadays is used only by outlook express).
Unfortunately, forging mail headers, especially the "From" address, is trivial. A lot of viruses and spam do exactly this. Postal mail provides an exact analogy: just as anyone can put anyone's name on a postal envelope, this is also true for email. The short answer to the question above is that most likely you have received an email with forged headers. Please destroy it and do not open any attachments that it may contain.
Please also note that, if your EECG username is a common name, such as Bob or Tim, you will tend to see a lot more of these emails, since spammers have a tendency to use well-known usernames in "From" headers. Until email is completely redesigned, there is nothing that you can do to stop this from happening. Using the postal service again as an analogy, it is like trying to stop people using your home address on envelopes.
EECG/ECE/CNS staff will never send you an email containing an attachment. Do not open the attachment: it more likely than not contains a virus.