Written by: Magazine Team on November 16, 2016.
Spoofing problem - what is it?
Spoofing problem - what is it? Mail-spoofing means that the mail-account has not been hacked, and the mails have been sent from some external mail-server. This situation is possible because you have your email address visible somewhere online or maybe some virus in your computer has found your email address.
There are some known situation where we can see that people suddenly receive emails sent from their own email addresses or some bounce messages when some recipient address does not exist.
People wonder: how is that possible? I did not sent that email. Is my email address hacked? Yes it is possible and that is what is called Spoofing.
More exact information you see e.g. here: Mail-spoofing means that the mail-account has not been hacked, and the mails have been sent from some external mail-server. The server it was sent from allows sending on behalf of other users, so the spammers set the from-address to your mail address. As a consequence, it's impossible to stop the spoofing.
The explanation about it would be:
Someone, probably some kind of Internet hacker or spammer, chooses to set the from-address to your email address and that looks like you have sent that email even if it is not so. This situation is possible because you have your email address visible somewhere online or maybe some virus in your computer has found your email address. This is nothing that can be stopped but it can be controlled if you as a real owner of the email address and the domain have possibility to do SPF settings. Normally the web and email providers check SPF but unfortunately this is no 100% solution.
Note that the SPF record will NOT stop the spoofing. It will only prevent the delivery of such spoofed e-mail at the recipients, but ONLY IF the recipient's server checks the SPF. Thus, the SPF is only a way to preserve as far as possible the real owner's address reputation, but cannot stop the bad spoofers.
About ~all or -all in SPF:
The only difference is that spoofed message will be more strongly blocked by the recipient if you use -all instead of ~all.
(reference: SPF record syntax:
http://www.openspf.org/SPF_Record_Syntax " - " is for Fail " ~ " is for SoftFail )
The image is found at: www.optimalnetworks.com . Spoofing problem - what is it?
Following five points are a recommendation for how to avoid spoofing problem or minimize the risks for it:
- Do not write your email address on the website.
- Do not use it in forums that are not protected.
- Scan your computer with antivirus program.
- Do not use unknown computers for logging in to your email account because there might be a risk for viruses.
- Use SSL encryption in your email program.
If you are careful Internet user and and if you have control of your email address and computer than you should not have to worry about this problem.
Back to the to previous page