December 17, 2009

Cause of Email Spoofing

Email Spoofing

Best Replies :)

It seems some one spoofing your email account. Email spoofing is the practice of changing your name in email so that it looks like the email came from somewhere or someone else.
Unfortunately we cannot prevent this activity as spoofing is not occuring in our servers. Make sure your anti-virus software is up to date and running when you check your mail. Since many trojans and viruses exploit Windows vulnerabilities, it is also a good idea to use Windows Update to apply any needed security patches.
Please let us know if there is anything further that we can do for you.

----------------------------------------------------------------------------------------

Looking at the actual sender of the emails, they are not originating from your mailbox/server. It seems like someone is spoofing your address. This type of abuse happens frequently to many domain name owners, since spammers rarely use their own domain names in SPAM and viruses select addresses randomly from other people's address books.

Sometimes spammers just make up return addresses to put in their spam and it is a coincidence they this time they chose one that happens to belong to you. Sending an email that appears to have come FROM someone who did not send it is known as "forging email".

Anyone with Outlook or any other email program can forge whatever address they want in the FROM field of an email, regardless of whether they own the domain name in the address, regardless of whether they have permission to use it, and regardless of whether the domain name even exists or is valid. There is nothing that the rightful owner of a domain name can do to stop people from sending out email with an address in the FROM field using someone else's domain name.

There also is nothing that a webhost can do to stop or prevent spammers or virus mails from wrongfully claiming that your email address came FROM or was the sender of a piece of spam or email virus.

The most you can probably do about this is to go to SpamCop and report SPAM and just delete virus mails and the bounce messages that may be coming to you as the purported sender.

The most annoying part of having someone forge your email address in the in FROM field of their outgoing SPAM is that non-delivery and other bounce notifications will be returned to you because the undeliverable messages appears to come FROM your address.

There are a couple of ways to avoid receiving those. If the username part (left of the @ symbol) of the forged FROM address is not a mailbox that you set up in your Control Panel, then you are receiving the unwanted messages through your catch-all forwarding rule (The catch-all rule allows you to receive mail addressed to any address @yourdomain). To stop receiving these messages, you could delete your catch-all rule so that you will no longer receive mail addressed to non-existent addresses at @yourdomain.

If the forged email address is one that is important to you, that you need to receive email at, there is nothing that can be done short of using your Spam Filter in your Control Panel to blacklist the FROM addresses in the undeliverable notices, such as: postmaster@* and then setting the Spam Filter to either delete spam automatically or automatically move it into another folder. However, this is not recommended because messages FROM those types of addresses are often important and most of the time you will want to receive them.

Let us know if we can be of further assistance.

No comments:

Post a Comment