1. bluehost knowledge base

Email Spoofing

What is Email Spoofing?

Email spoofing is when the email header's "From" line is modified to something other than the actual original sender. A common symptom of someone spoofing your email address is getting tons of spam return-messages (like Failure Notification or Mailer Daemon) for emails you never sent or receiving spam emails from yourself which you did not send. Generally, you will never see spoofed emails. However, if the email spoofer happens to configure his "From" header to be a real email box, the bounce-back notification will come back to your mailbox.

The way email spoofers are tracked down is from the server that is used to authenticate for originally. The server being used gets reported to ISPs and Email Realtime Black Lists (RBLs) and the spoofing emails stop.

How to Prevent Email Spoofing

By creating an SPF record servers will verify the user has permission to send mail from that domain using the domain's DNS. For more information on how to set this up, see SPF Records for Shared and Cloud Hosting. For VPS and Dedicated Server, please refer to this article.