Have you received annoying SPAM emails in your inbox selling Viagra or some other product that seem to have been sent by YOU?
You are a victim of what is called ‘email spoofing,’ a practice where SPAM email appears to be sent from one source, in this case you (or your company), but is actually sent from another. Your email address is being used by ‘spammers’ to send bulk SPAM email to hundreds (if not thousands) of recipients. What you are seeing in your inbox is actually legitimate “bounce backs,” or emails that were not delivered successfully.
Unfortunately there is really no way to determine if your email addresses are being spoofed unless you happen to receive a bounce back or someone notifies you. The information website About.com reported its daily newsletter was “the victim of a high volume of spoofed email from spammers attempting to sell Viagra.” Email recipients actually believed it was coming from About.com because the email spoofers went a step further to establish legitimacy by using not only the company’s email address but corporate logo as well!
So what can you do to stop it?
You may not be able to stop it altogether. But definitely inform your email service providers that this is happening. Here’s a couple other things you might consider as well.
You may want to talk to your email service provider about setting up an ‘SPF record.’ Simply stated, as the domain owner, you specify to your email service provider in an ‘SPF record’ all the servers your email is sent from. On the receiving end, the receiving server may check your ‘SPF record’ to see if the server is listed. If it isn’t, the email won’t be delivered. To illustrate what I am talking about, say I were to send out a bunch of physical letters to people all over the country, using your address as the return address. Nothing would stop me from doing that. Email works the same way. Now let’s say 25% of those letters were addressed to wrong and non-existent street addresses. The post office would stamp “return to sender” on it and the letters would come back to you.
With SPF records, it’s like you have notified the post office that unless the letter was sent from your local post office branch, then you must not have sent it and to just throw it away. But it’s up to the mailman who is delivering the letter to actually check this, and some mailmen might still deliver it. The hope is that the “majority” of them get caught.
So the bottom line is today there’s no real way to stop someone from spoofing your email. SPF may cut down on successful delivery, but if the recipient doesn’t exist, the SPF check will fail and it will still generate an annoying bounce back to you.
If SPF isn’t a measure you want to take, then instead you can minimally establish a folder in your Outlook, or email client of choice, to gather the bounce backs and, as much as possible, keep them out of your inbox. Call the folder Spoof Mail or something.
Email spoofing is a global email problem and normally not the fault of your email service provider. The best thing you can do right now is be aware of what it is and deal with a responsive service provider who continually stays on top of new ways to decrease this unfortunate issue.
For further reference you can visit the following online resources:
