Frequently Asked Questions
This is one of the great scourges facing the Internet today. Anyone can forge email to make it look like it came from anyone, and spammers do. They don't need anything special, no passwords, no special access, nothing. They pick domains at random in order to help obscure who they are and where they are coming from.
If this happens to your domain, the symptom will be that you will receive a large number of bounce messages for messages you never sent. If you investigate further, you will generally find that the From: addresses of the messages are either fake names (firstname.lastname@example.org, email@example.com) or gibberish addresses (firstname.lastname@example.org).
When you configure your mail client to send mail from your domain instead of your ISP's, it's completely between you and your mail client. Everybody else has to trust that you told your software the truth. Nobody can stop you from putting "email@example.com" as your sender address. Spammers abuse this trust to send out their messages.
Messages like these never pass through our system, so we can't help you figure out where they are coming from or help stop them. In general, messages of this type are sent through hacked machines belonging to residential cable modem Internet subscribers, or they are sent through unprotected servers in developing countries like China.
This happens sooner or later with every registered domain and, at present, there is unfortunately nothing that can be done to stop it. This is true no matter what domain registrar or hosting company is used, and is even true if the domain isn't used for web hosting.
If you use your domain for email, setting an SPF record in your DNS that lists servers that legitimately originate email from your domain may help. We do offer an SPF option for domains not used for sending email, which is a helpful step if it applies.
While you cannot prevent this from happening, you can diminish its effects on you. Most of the people who get buried in bounce messages have "catch-all" email forwarding enabled. You can disable this and set up only specific email forwards, and this will dramatically decrease the number of bogus bounce messages you receive.