One of the most irritating thing that can happen to you as a domain owner is when a spammer decides to use your domain as the reply-to email address. When this happens, if you have your domain email configured as I do to capture email at every address @ the domain.com, you get hundreds of bounce-backs flying at you. The worst part about this? There’s absolutely no way to stop them – the design of email is fundamentally flawed in that it allows anyone to put an email server online and send email without having to authenticate who they are and if they have permission to send email. Worse still, if people flag the spam they received as spam, it hurts my chances of being able to send legitimate email from jasondunn.com. Someone really needs to fix email – it can’t continue like this for another 10 years.
So if you happened to have received a piece of spam from the jasondunn.com domain, I can assure you it wasn’t I that sent it.
This technique is known as Joe Jobbing. There aren’t many ways to handle this, but one good way is to create an appropriate SPF record (which is basically a TXT DNS record) for your domain. It will allow many of the large companies who support SPF in their mail records to immediately reject the email if it is “from” your domain, but not really from you. It reduced the amount of spam bounce back replies significantly.
Three steps you must do..
1 – Use SPF. Some ISPs reject your mail now if you don’t have one, so it’s essential.
2 – Get reverse DNS setup.
3 – Never, ever, ever, ever, ever, ever, ever use a “catch-all” mailbox.
Gears,
Thanks for the suggestions. I’ve chatted with my admin about SPF and he said it wasn’t widely adopted enough to be useful, but I’ll revisit that discussion with him. Reverse DNS is new to me, so I’ll ask him about that.
Regarding “catch-all” domain mailboxes, I have to strongly disagree – while they do suck when a spammer decides to abuse my domain, that pain is usually quite short-lived. The benefits of being able to use wildcard email addresses are tremendous and have allowed me to keep my jasondunn.com email account almost completely spam free. If I see an alias getting spam (somehow my Chitika email alias starting getting a lot of spam), I can turn off that alias – it’s simply awesome and I wouldn’t trade it for the world. 🙂