Friday, 24th May 2013

Spam and Forged Emails

Spamming is the abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages.

If you now have a domain name, you will most likely receive more spam. Spammers will find your domain (just as your customers would, through Google), and then send spam to [email address].

In addition, spammers can use your domain name to disguise their spam. This type of abuse happens frequently to many domain name owners, since spammers rarely use their own domain names in SPAM, and viruses select addresses randomly from other people's address books.

Forging is when spammers use your domain name as a reply address to send out their spam (like [email address]).

Anyone with Outlook or any other email program can forge whatever address they want in the FROM field of an email, regardless of whether they own the domain name in the address, regardless of whether they have permission to use it, and regardless of whether the domain name even exists or is valid. There is nothing that the rightful owner of a domain name can do to stop people from sending out email with the wrong address in the FROM field.

The most annoying part of having someone forge your email address for SPAM is the non-delivery and bounce notifications you will receive, because some of the email addresses the spammers send to will not exist, and the Postmaster will think the message came from your address. You will receive hundreds of emails from Postmaster saying that the mail delivery was unsuccessful. These are automated replies from a computer.

There are a couple of things we advise that may help reduce the number of returned messages you receive as a result of this SPAM being sent with your email address as the forged FROM address:

  • Manually Delete (recommended) - The bounce-back emails usually only continue for a couple of days. During this period, you can quickly sort your email by sender and delete all Postmaster emails in one clump. Although this will go on for a couple of days, rest assured, it will eventually die down (until the next time).
  • Disable Default Address - Ask to disable the catch-all email address for your domain. With the catch-all address disabled, any message sent to an email address that you have not specifically set up as an email account will be rejected. The downside is that if a customer or friend mistypes your real email address, you will not get the message, and you risk losing important sales.
  • Block Postmaster Emails - You can block the Postmaster emails. This is not recommended because you will not see any bounce-backs yourself if you mistype an email address.

We recommend that you do not reply to any of these emails. Most of these emails will be autogenerated. As for angry recipients of the forged email, it's best that they get advice from their IT people (who should be able to tell that the email was forged and not from you). Engaging in correspondence with angry recipients may draw you into a debate over an issue that is not in your control.

Although this type of activity can be extremely annoying you do not need to worry about being blacklisted by the anti-SPAM databases. None of the major anti-SPAM databases block a server based on the FROM address of the SPAM message as they are well aware that the FROM address can be forged and that it is a common tactic used by spammers.

Reporting Spam

In Australia you can report spam to the ACMA by forwarding the email to [email address]. This is the most effective for Australian based spam. For more info on ACMA spam definitions, visit

For international spam, forward the email to the Federal Trade Commission at [email address] and include the email header.

Advanced measures

The next set of tips requires knowledge of domain name management. We would not recommend that an average user continue, but suggest you ask your domain manager or web designer to carry out the following.

SPF Validation

SPF validation (Sender Policy Framework) helps to prevent other users from forging the "From" field with your email address if they are not from your domain. It is a mechanism that allows the recipient's mail server to verify that the server sending the email is authorized to do so.

If you are a Google Apps user, and you have a website that sends out messages on your behalf, use a TXT DNS record like...

"v=spf1 IP4:111.222.333.444 include:_spf.google.com ~all"

Where 111.222.333.444 is the IP address your website sends email from. The _spf.google.com entry pulls in the list of all the Google IPs. This tells receiving mail servers that only email from your web server or Google mail is validated.

Another variation we use at Bottomupwebs, which includes all MX and A IPs for that domain, is

"v=spf1 +a +mx +ip4:111.222.333.444 +include:_spf.google.com ~all"

 

To test the SPF records, send a blank email to [email address] using your SPF protected email.

More on SPF here...
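
How a receiving mail server evaluates records like the two above, as an added example (not code from this page or from Bottomupwebs): a simplified SPF check in Python covering only the a, mx, ip4, include and all mechanisms. The DNS table, the example.com and _spf.mailhost.example names and every address in it are constructed stand-ins; literal.example holds the first record exactly as printed, to show that the 111.222.333.444 placeholder has to be replaced with a real address.

```python
import ipaddress

# Constructed DNS data standing in for real lookups (documentation address ranges).
DNS = {
    "example.com": {
        "spf": "v=spf1 +a +mx +ip4:203.0.113.10 +include:_spf.mailhost.example ~all",
        "a": ["198.51.100.5"], "mx": ["198.51.100.25"],
    },
    "_spf.mailhost.example": {"spf": "v=spf1 ip4:192.0.2.0/24 -all"},
    "literal.example": {"spf": "v=spf1 IP4:111.222.333.444 include:_spf.google.com ~all"},
}
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_host(ip, domain, depth=0):
    """Simplified SPF evaluation: the first matching mechanism decides the result."""
    record = DNS.get(domain, {}).get("spf")
    if record is None:
        return "none"
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1" or depth > 10:  # depth: loop guard
        return "permerror"
    addr = ipaddress.ip_address(ip)
    for term in terms[1:]:
        qualifier = term[0] if term[0] in RESULTS else "+"  # "+" is the default
        name, _, arg = term.lstrip("+-~?").partition(":")
        name = name.lower()  # mechanism names are case-insensitive
        if name == "all":
            matched = True
        elif name == "ip4":
            try:
                matched = addr in ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror"  # malformed address, e.g. an octet above 255
        elif name in ("a", "mx"):
            hosts = DNS.get(arg or domain, {}).get(name, [])
            matched = any(addr == ipaddress.ip_address(h) for h in hosts)
        elif name == "include":
            # include matches only when the nested record returns pass
            matched = check_host(ip, arg, depth + 1) == "pass"
        else:
            return "permerror"  # mechanism or modifier outside this sketch
        if matched:
            return RESULTS[qualifier]
    return "neutral"
```

A sender that matches none of the listed mechanisms falls through to ~all and gets softfail, which receivers typically accept but treat as suspicious; ending the record with -all returns fail instead.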

Domain Keys

Some email platforms, like Google Apps, enable you to add a digital "signature" to the header of mail messages sent from your domain. Recipients can check the domain signature to verify that the message really comes from your domain and that it has not been changed along the way.

First you will need to generate the domain key and put it in your email header. Then you will need to create a DNS TXT record with that key.

More on Domain Keys here...