With the way that SMTP works, anyone anywhere can specify any email address as their from address as long as they have a mail server that will allow them to do so. This is why mail server administrators always ask for the complete headers of a spam message before they will disable someone: the from address may be completely false or even non-existent.
There is no way to prevent other people from using your email address when they are using a different mail server.
Typical spoofing situations
In general, there are two situations that can make you aware that your email address was spoofed:
- You receive bounce back emails or replies to messages you didn't send:
There is no way to prevent the bounce back messages from coming to you. If a message gets returned to the sender, it goes to the actual holder of the from address, regardless of who sent it. Similarly, when someone replies to a message, it always goes to the reply-to address.
- You receive messages with your email address in the from field (or in both to and from fields):
Make sure that your domain and/or email address is not whitelisted either in Outlook/OWA or in SpamStopper.
Note: some spammers can specify you address as both from and to addresses, so you will receive the message in any case (even if it bounces).
Read the Wikipedia® article on Backscatter (e-mail) for more information about backscattering.
Go back to top
SPF record
In such situations it is recommended to create an SPF record for your domain. SPF helps mail servers distinguish forgeries from real mail by making it possible for a domain owner to specify the IP addresses/servers from which mail can be sent. That way, if any other machines try to send mail from that domain, the recipient mail server knows that the from address is forged.
Read the Knowledge Base article on What is an SPF record? What do I need to do about it? for more information.
Go back to top |