eMails on my domain are being spoofed

If you start seeing a bunch of emails bouncing back to you that you did not send, your domain is likely being spoofed. If you look at the emails to and from addresses and you don't them, spammers are spoofing your domain to send emails to people. Example:


* * *

This report relates to a message you sent with the following header fields:

Message-id: <20170321154052.37DA5E0A878CB4@yourdomain.com <mailto:20170321154052.37DA5E0A878CB4@yourdomain.com>>
Date: Tue, 21 Mar 2017 15:40:52 +0800
From: Julia Mcclain <Mcclain0903@yourdomain.com <mailto:Mcclain0903@yourdomain.com>>
To: Nevil@otherdomain.com <mailto:Nevil@otherdomain.com>
Subject: Find out now why this company is going up tenfold by this time next
week.

Your message cannot be delivered to the following recipients:

Recipient address: Nevil@pepsidrc.ae <mailto:Nevil@otherdomain.com>
Reason: Illegal host/domain name found
Remote system: dns;drcntx1.otherdomain.com (Too many invalid recipients)

Reporting-MTA: dns;aimail3.otherdomain.com (tcp_ae-daemon)

* * *

The from name and email is from your domain name but does not exist. If that's the case, this is a spoofed message. Likely you have a catchall on your domain and these are routinely targeted and abused by spammers.  Spammers find a domain that lets anything@yourdomain.com work and use that to send spam because if a remote server verifies that the from address exists, it'll always succeed and get delivered. We recommend that you delete the catchall account. Once you delete the catchall, the remote servers will verify whether or not a from account exists and obviously bad ones will fail that check and message will not get delivered.






Was this answer helpful?

 Print this Article

Also Read

IMAP Synchronization Issues in Outlook 2013 and Office 365

The problem might not be in the way you configured your IMAP account on Outlook 2013, but might...

Using Sendmail

Sendmail is primarily a UNIX mailer daemon used to send e-mail. Many scripts call this program...

Wordpress won't send emails.

In order for your wordpress to send email, you need to enable SMTP Authentication. This means you...

554 5.5.4 youremail@domain.com has sent too many messages today

At LFC Hosting we have a limit on how many messages you can send in a day, from midnight to...

Setting up emails account on iPhone, iPad and MacBooks devices

Setting up your Apple device with email is easy thanks to our iStaller. In Safari on your device,...