What can I do if I suspect someone is spoofing my email domain?

Andrei Tiut March 6, 2013
Pinterest Stumbleupon Whatsapp

Hi,

I have a domain and I have set up personalized email adresses via Google apps. From time to time i get out of office replies to addresses like this: BuyViagra.Here, where the @domain.com is my domain.

I am pretty sure no-one has hacked the actual domain. Also, I have added some SPF entry in the DNS file, something like: “v=spf1 include:”

Should I do anything more? I know that you can easily fake any email adress, but I am concerned that the domain may become blacklisted.

Thanks

  1. Hovsep Avedissian
    March 7, 2013 at 7:15 pm
  2. GreyMatatabi
    March 7, 2013 at 4:04 pm

    you could report it to knujon http://www.knujon.com/ , it's a internet security project from wiki

    KnujOn, "no junk" spelled backwards and pronounced "new john", is a project involved in Internet security. KnujOn targets spam at its root, attacking the illicit activities that spammers derive their revenue from.[1] To that end, KnujOn runs an automated spam reporting tool.

  3. Jan Fritsch
    March 7, 2013 at 2:15 am

    I'm afraid there isn't much you can do other then (properly) setting up SPF.
    Rejecting spoofed messages is an anti-spam measurement that needs to be done on the receiving end.
    If the receiving server does not check the SPF and other anti-spam policies do not filter out these messages you will continue to receive such "reverse spam"..

  4. Bruce Epper
    March 6, 2013 at 10:57 pm

    Blacklisting due to email address forgery is pretty rare, after all I still get dozens of emails per week claiming they originated at Microsoft, Facebook, and Twitter and none of them have been blacklisted. As long as you are employing appropriate measures such as SPF, you shouldn't run into any trouble.

    As a side note, since your SPF fule is "something like", you should probably check here to verify that you haven't created an invalid (and thus non-functioning) rule.