What's a Guru? I want to be a GlowRu!
Spoofing??
I just received two emails from spammers using one of my email addresses. (That is addressed both to and from me) Now, I think this is regarded as Spoofing, but not sure. Has never happened before. Can anyone tell me what I can or should do about it?
Thanks in advance
GlowHost Administrator
Is your default address enabled?
Send your friends and site visitors to GlowHost and get $125 plus bonus!
GlowHost Affiliate Program | Read our Blog | Follow us on X |
What's a Guru? I want to be a GlowRu!
Hey Matt,
Thanks for the quick reply.
Current Setting: :fail: No Such User Here
GlowHost Administrator
I am not really sure at this point, as your default address setting is the way I would recommend doing it. I've seen an increase in spam of the type you describe, I have a ticket in with cPanel now to see if they have any ideas or suggestions on how these are getting through.
Send your friends and site visitors to GlowHost and get $125 plus bonus!
GlowHost Affiliate Program | Read our Blog | Follow us on X |
GlowHost Administrator
Also do you have SPF records setup for your domain?
I would try using this:
where "server.hostname.com" is your server's hostname.Code:"v=spf1 a:server.hostname.com a mx -all"
This in theory is supposed to reject anything (-all) sent to you using your domain if it does not match the A records of your domain, the MX records of your domain, or the A records of your server hostname. In the current cPanel setup the mailserver sends from the hostname, so the servers hostname should be in your SPF if your domain is on a dedicated IP. If you are on the main server IP you don't really need this section:
a:server.hostname.com
But it seems like it will not hurt and covers you in case you change your domain to use a dedicated IP address. There is some talk that cPanel will add functionality to send from the domain IP itself. if that day comes then the SPF would look like:
The above can also be used for hosts that you know will always remain on a shared IP.Code:"v=spf1 a mx -all"
Send your friends and site visitors to GlowHost and get $125 plus bonus!
GlowHost Affiliate Program | Read our Blog | Follow us on X |
GlowHost Administrator
Oh and PS. Your WHM > Exim Configuration should have the following checked so that your rules are honored:
Blacklist: SPF Checking [x]
If you have a dedicated server you will have access to your Exim config editor. If you have a shared server, this setting is already enabled.
Send your friends and site visitors to GlowHost and get $125 plus bonus!
GlowHost Affiliate Program | Read our Blog | Follow us on X |
GlowHost Administrator
Additional information on SPF syntax can be found here.
SPF: SPF Record Syntax
Tip:
If you want to ignore SPF checks you can see the "-all" flag to "+all"
Send your friends and site visitors to GlowHost and get $125 plus bonus!
GlowHost Affiliate Program | Read our Blog | Follow us on X |
What's a Guru? I want to be a GlowRu!
Let me know what you find out. This is a new one to me.Originally Posted by Matt
What's a Guru? I want to be a GlowRu!
Thanks for all the info Matt. No, I don't have any SPF records set up for the domain. The domain is on Ginger. I didn't receive anymore spam mail today, which is nice. Will start a ticket on this if it continues to be a problem.
GlowHost Administrator
Well, so long as you remain on the ginger server, then your SPF record would look like this:
Code:"v=spf1 a:ginger.gendns10.com a mx -all"
Send your friends and site visitors to GlowHost and get $125 plus bonus!
GlowHost Affiliate Program | Read our Blog | Follow us on X |
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote