Spam emails

We have had a sudden onset of email coming to our postmaster box (unknown mailbox) as undeliverable. for the most part have a format like:

I suspect a spammer is using our domain name, but what can we do about it. Mail is hosted at

don't really want to get blacklisted
Who is Participating?
Brad BouchardConnect With a Mentor Information Systems Security OfficerCommented:
First go here:

and click on the blacklist button at the top menu.

Put your domain in and check.  After it's first check it only does the 35 most common lists, there is a link that says check all 90 something lists.  Click that and make sure you aren't on any lists.  Then, call networksolutions and inform them so they can inform you better how to proceed.
Dave HoweConnect With a Mentor Software and Hardware EngineerCommented:
You will most likely find that none of those mails were sent from your own mail servers (check the headers on some of the undeliverables, they will probably trace back to someplace in russia or china)

If so, you can do little or nothing to stop them being sent, but you can do a little to get them bounced more often (at which case, often the spammers will move onto a domain with a higher success rate)

First thing is to add a SPF record to your domain. the easiest is to do is "mx -all" which means (in english) "our domain sends from addresses listed in the MX records for inbound mail; other sources should be rejected". If there are any other IPs that will send as your domain, then you will need to take that into account when defining your SPF record (this is a DNS change)

If your mailserver supports it (and note that MS don't!), also move to DKIM support. This adds a bit more load (because mails need to be digitally signed) but many of the big recipients (such as google) will inspect for DKIM And bounce non-matching mails. There are also open source MTAs (eg EXIM) that could be used to add DKIM to a non-DKIM mailserver as an outbound relay, but that's a fair amount of work.

all you can really do though, as outlined above, is to make it more likely that the spam will be rejected rather than generating NDRs.  If you can make it sufficiently likely that mail gets bounced though, the spammers WILL move on to another domain, as they don't really care whose good name they abuse, as long as they get paid, so will take low-hanging fruit where they can.
Dave HoweSoftware and Hardware EngineerCommented:
oh, and if it *was* your mail server sending this out, then you have a different issue..... also, as you have hosted mail, ask your provider about their DKIM and SPF support, they may be able to turn this on for you....
warsawtechConsultantAuthor Commented:
Checked the MX records and no black listing yet!!

Went to network Solutions and added SPF to the text in both domains I had this showing up in and now I just have to wait and see.
Going to investigate the DKIM further in the meantime.

Thanks guys
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.