How to stop people spoofing your domain in emails?

[Jay_2]

I am in the process of setting up an SPF record, we have full rDNS setup and its related to our domin name (eg rDNS to ip 1.1.1.1 = outmail.ourdomain.com)

Is there any other ways to stop people spamming and spoofing your domain name? eg people are sending mail with [email protected] as the sender. The problem is that loads of mail server just send me spam notification even though the header clearly shows its from a server in japan and nothing to do with our server.

 

[XOR != OR]

Also known as "joe-jobbing". No, there isn't a way. The receiving servers would have to drop all mail from your domain if it didn't meet certain criteria. Emphasis on receiving servers, as in ones you don't control.

Sucks, but there you go.

 

[Jay_2]

its stupid really. Why don't they just look up the rDNS for the sending host?

 

[goodcooper]

it's just an arbitrary header value, you can put anything in there you want... Yet another fatal flaw of the current email system... It is my opinion that email system in general needs a complete security overhaul... There is just too much going on tho... Impossible to standardize at this point

 

[XOR != OR]

its stupid really. Why don't they just look up the rDNS for the sending host?

Because that doesn't always indicate a spammer. I'd say only about half the hosts I receive legitimate email from don't have rdns records.

 

[Jay_2]

Well they should becuase now the other half are paying the price for it.

 

[DaveEhm]

I once believed that smtp hosts should have a certificate verifying their validity tied to their ip/hostname. But there's no way to enforce that, especially with how easy it is for anyone to set up their own smtp server and blast spam.

Not to mention no matter the advances made, compliance is another issue.