How to stop spammer spoofing my domain for emails

ParoX

10/24/22, 8:58 PM

I've scanned all my code and even changed the passwords to my google apps account such that the SMTP password has changed. However, spammers are still sending emails from [email protected] and the email is phishing attack too. I do not want my domain flagged for spam.

I only send emails through google's SMTP servers. I have the free google apps (grandfathered).

I believe I have SPF records and everything I can do to try and prevent this but it's still happening. What is more frustrating is that Google is emailing me Delivery Status Notification (Failure) saying the emails can't be sent to a lot of emails, so it's spamming my business email.

I tried to use google app's Reports > Email Log Search to see if the spammer is going through my SMTP to send these emails but it always gives an error No messages found. Please contact the sender for further investigation. However, I suspect they are spoofing and aren't going through my SMTP?

What can I do to prevent this?
I can't contact Google because I am on the free grandfathered tier

PS: If it helps to look at my SPF records, please check i m v u - e . com

260

1 + 0

smtp

spam

spf

g-suite

Score:1

Server

Nikita Kipriyanov

10/25/22, 6:07 AM

Mail for your domain seems to be hosted in Google itself. Configure DKIM and DMARC for your domain in addition to SPF, as per Google manuals:

Note, as is said in DMARC manual, SPF and DKIM must be finished first.

This is the best you can do. This wouldn't prevent spoofing (that's impossible), but other servers will be able to filter out spoofed mail better.

0 + 4

ParoX

10/25/22, 12:45 PM

Hello, I already have DMARC, SPF and DKIM. Most of the spam is being sent to custom mail servers like solvay.com and .edu emails. I believe the big email providers (google, yahoo, etc) all correctly reject their spam

Nikita Kipriyanov

10/25/22, 7:37 PM

Your DMARC policy is now set to "none" which means it is disabled. You need to change it either to "quarantine" or "reject", i.e. DMARC record must say e.g. "p=reject" (amongst other settings). I can't tell if your DKIM works unless you send mail to me. There are services like mail-tester.com who generate one time email where you send test mails and then they report back what they think about it. Try them!

ParoX

10/26/22, 11:56 AM

Thanks, I updated my dmarc and seem to pass pretty good. See https://www.mail-tester.com/test-9xohuqas5 I'll give it a few days and see if the spam reduces and accept this as an answer

ParoX

10/30/22, 12:37 PM

Been a few days, they stopped and I got a lot of reports from DMARC. Thanks for your help

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to stop spammer spoofing my domain for emails

TH: วิธีหยุดสแปมเมอร์ที่ปลอมแปลงโดเมนของฉันเป็นอีเมล

RO: Cum să opresc spammerul să-mi falsifice domeniul pentru e-mailuri

RU: Как остановить спамер, подделывающий мой домен для электронной почты

VI: Làm cách nào để ngăn người gửi thư rác giả mạo tên miền của tôi để lấy email

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.