Question

email extension hijacked -- what can I do?

Posted May 1, 2020 129 views
Email

Someone is using my e-mail extension without my approval (*.@ctrchg.com). What can I do to stop them?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
3 answers

Hello,

In order to prevent email spoofing, I would recommend the following things:

  • Add an SPF DNS record - SPF stands for Sender Policy Framework, it indicates to mail exchanges which hosts are authorized to send mail for a domain:

https://www.digitalocean.com/community/tutorials/how-to-create-a-spf-record-for-your-domain-with-google-apps

  • Add DKIM record - it is a process to validate sending domain names associated to email messages through cryptographic authentication.

  • Add a DMARC DNS record

Hope that this helps!
Regards,
Bobby

by Keshav Pareek
Here we'll show you how to create a SPF record for your domain with Google Apps.

Thank you! I will forward the solution to my webmaster for implementation. Much appreciated!

-Gary

  • Hi there @GaryConsultant,

    No problem at all, hope that this helps!

    And indeed as @twinedev mentioned it would not stop people from trying to spoof your email, but it should help the situation as the receiving email server would ‘know’ if the IP address which the email is coming from is authorized to send emails on your behalf or not and possibly discard the spoofed emails so that the recipients do not get them.

    Regards,
    Bobby

For clarification, the records do NOT prevent spoofing from happening, they help the receiver know what to do with them, reject, mark as spam, or nothing at all, depending if they are configured to do. The spammer can still fire off e-mails with incorrect “FROM” email addresses night and day.

Submit an Answer