Email spoofing - Whose fault is it? HELP!

[abucan]

Hey guys, I really need some help here. My business email account has been hijacked - meaning someone is forging my email header, spamming craploads of people and making it appear like it's from my account but it's not! Now all my company's email accounts are being blacklisted by various ISPs so it goes straight into our client's junk folder. There doesn't seem to be anything on the net that tell you how to stop this!

What I want to know is, this has to do with server security does it not and thus the hosting company? I have contacted my host a couple of times, and they have replied but whatever they are doing doesn't seem to be working. I really like my hosting company but this problem is making me consider changing host. So my question is, would it make a difference? Is it the host's fault or is there really nothing they can do and therefore no difference whether I switch host or not????

Please advise. Thanks!!!

 

[mvl]

The SMTP protocol makes it possible to make up your own "From:" headers, so there is nothing you can do about it. Anyone can spoof any email address they want this way.

 

[Camron]

Worse part is, your email and or server IP could be blocked from sites such as AOL, GMail, etc (preventing you to email users there).

 

[armstrong]

Setting up an SPF host record might help:

http://old.openspf.org/wizard.html

Good luck!

 

[Aesthetic]

http://old.openspf.org/wizard.html

Really useful service!

 

[abucan]

About SPF records

Hey guys, thanks for that. Seems like it's the only solution currently however, all this SPF stuff is really new to me and I have a couple more questions. Hope you'll oblige. Do I set up my SPF records at my domain registrar (Godaddy) or my web host (3ix)?

Setting up an SPF host record might help:

http://old.openspf.org/wizard.html

Good luck!

 

[armstrong]

It goes to whoever handles your nameservers. If your nameservers for somedomain.com are ns1 and ns2.somedomain.com (in other words, you are handling your own nameservers), then the SPF record needs to be defined by your host. Some registrars (like enom) make this process easy, so for domains that I need to SPF-protect, I tend to place at enom, and let the registrar handle both the nameservers and SPF records.

BTW, this is just a partial solution. Many ISPs still do not check SPF records when processing incoming email, therefore will still allowing the spoofed emails.