I am receiving tons of e-mails. Most of these emails are auto responder reply to firstname.lastname@example.org. These look strange as I haven’t created these email accounts.
It seems there is a spammer that has spoofed your email address to sent out spam emails.
Since all the undelivered emails bounce back to the email address specified,
it will return to the original email address. The bounce back messages to the non-existing email addresses something@mydomain are received by the default email address.
Email spoofing is the practice of changing the account in email, so that it looks like the email came from somewhere or someone else, and in this case it was made to look like it came from you.
Spoofing is generally used by spammers as a first defense against people finding out who they are.
This email was sent out from a server other than yours, so there is nothing much we can do to stop these emails.
The good news is, you don’t need to worry about your IP being blocked, because of this spam.
The email headers will contain the IP of the server from which this email came, and hence that IP will be blocked, not yours.
Here is what you can do about it:
Please follow the steps:
– Log in to your cpanel account
– Click on the icon above the word ‘Default E-mail account’ on the main screen of your cPanel interface under ‘Email Management Tools’.
– Enable the option ‘Discard with error to sender (at SMTP time)’
– Click on ‘change’.
Another way to stop spoofing is to setup SPF record for your domain.
The Sender Policy Framework (SPF) fights return-path address forgery and makes it easier to identify spoofs.
The SPF is an emerging standard by which the owners of domains identify their outgoing mail servers in DNS, and then SMTP servers can check the addresses in the mail headers against that information to determine whether a message contains a spoofed address.
SMTP receivers verify the envelope sender address against this information, and can distinguish authentic messages from forgeries before any message data is transmitted.
For more info about it, please refer to open SPF site.
At tdothost.com we can setup SPF record for your domain at your request.
Please contact us with your questions.