Deflecting e-mail spoofing

Security threat expert Kevin Beaver provides some steps you can take to secure your email system to deflect e-mail spoofing.

My domain is being spoofed. How can I stop this from happening?

If you mean it's being spoofed via e-mail -- that is, someone or something (i.e., a virus) is sending out e-mails that appear to be coming from your domain, there's basically nothing you can do to prevent it. You can, however, take a couple of steps to secure your e-mail system to deflect some common problems. That is, ensure that SMTP relaying is disabled on your e-mail server(s) and setup an e-mail firewall (such as IronMail, MailMarshal, etc.) to keep rejected, spoofed and otherwise unwanted e-mail traffic off your network.

If you're getting flame messages from disgruntled admins saying that junk is coming from your domain, try to explain to them that this issue is mostly out of your control. One thing that they can do on their end is to set their e-mail servers to perform reverse lookups to match your valid IP address to your domain name. Many e-mail servers have this capability.

If you want further "domain protection," check with your domain registrar to see if there's a way to remove your personal contact information that shows up via Whois queries and also see if there's a way to "lock" your domain to keep anyone else from registering it in their name.

This was first published in July 2005
This Content Component encountered an error



Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: