I'm Getting Spoof Emails and Now What Shall I Do?

Introduction to Email Spoofing:

OK, now we know how spoof email works ...

So what can we do to protect ourselves?

To resolve email spoofing there are two methods, creating a catchall or an SPF record. The catchall (Default Address) can resolve the issue only on a short term basis and is not recommended to be used otherwise. Creating an SPF record would be best for a long term solution as the DNS would catch unverified users trying to send email for your domain and prevent it from being sent out.

Partial Solution

If you have Default Address enabled, you can set every catchall to :fail: no such address here. This will stop you from getting the bounceback, but the real problem may not be solved.

If you do not have Default Address enabled, you will not need to worry about making this adjustment since our system is automatically set to return messages with the :fail: no such address here response.

Full Solution

You will need to create an SPF record to resolve the issue fully. An SPF record is an entry added to the DNS zone for a domain. This record verifies that a user has permission to send mail from a domain, preventing email from being spoofed for your domain.

Click here to create an SPF record for your domain name inside cPanel

Meanwhile, if you are using email client such as MS Outlook or Thunderbird, remember to turn on My outgoing server (SMTP) requires authentication inside each application settings. Basically, SMTP authentication provides basic security to prevent such unsolicited spam and spoof activity.

That's all you need to know regarding email spoofing folks!

Updated on: 26/03/2019