Thursday, November 22, 2012, 15:25
Solution ID: 00000180
A Spammer is using my e-mail address to send spam across the Internet; what do I do?
E-mail is very prone to this sort of thing. When an e-mail is crafted, you can say you are anyone you wish! Spammers take advantage of this to give themselves more credibility and deflect bounce messages to other people.
The best way to block this sort of thing is using Sender Policy Framework (SPF). SPF is implemented as a DNS entry for your domain. It specifies what hosts are valid for sending mail for your domain. Any other host should be considered a hoax.
You can get more information on crafting an SPF Record by going to http://www.openspf.org/. On this page there is a section called "Deploying SPF", with a web form for crafting an SPF record (currently set to example.com). Use this to craft an SPF record for your domain.
Many e-mail hosts and even anti-spam filters are not making use of SPF records, so there will always be a number of false messages being delivered; but this is the best method available to us at this time.
There are numerous schemes for performing mailhost verification checks and none of them have a high acceptance rate. So this continues to be an ongoing problem.
Tags: spam, e-mail, antispam, spammer, spoofing, address
Link to this article: kb/address_spoofing
Updated: Thursday, November 22, 2012, 15:25
-- David Rutherford