It’s very common in The “Spammers World” to use what is called a “Misconfigured E-mail. They intentionally pick a known valid email address and configure their email to use that as the “Sent From” in the Email Header. (That’s the part that accompanies the e-mail telling the world where it came from, the originating ip address, where to deliver it to, etc. You will not see that section in the e-mail unless you intentionally view it (and Your E-mail program lets you view it).
The “Spammers” place your e-mail in the “Sent from” section of their spam and then send out hundreds maybe thousands of E-mails using this configuration in an attempt to hide their Identity. When one of these emails is not deliverable (example: sending a email to a non existent e-mail address) the server of the undeliverable e-mail will send a error message to the “sent From” E-mail address. If you are the unlucky one who’s email they choose to ”spoof” you will receive these error messages.
Steps to take to prevent email spoofing:
- Do not list your email address on your website, use a “Contact Form” instead
- Ask your Hosting provider to disallow any “Hits” from foreign countries (especially anything from Eastern Europe, Kenya and Nigeria, these are hot spots for these spammers).
How do I Stop It?
If you already are receiving these emails its usually already to late, but you can do the following to help the problem.
- Use a junk email filter to “disallow” or “Block” any error messages (this can also effect legitimate error messages that you might want.)
- Delete the email address that is causing the problem and use another.
Many times the “spammers” will only use a email address for a short period of time. Its not unusual for it to stop as quick as it started so don’t despair.
Can I get In trouble for sending out Spam even though I didn’t send any ?
No. Actually the can-spam act of the United States makes it illegal for anyone to send out E-mails using a misconfigered sender. If the People are in the United States they may get caught and arrested, however, these people usually are based overseas. When the government investigates these issues they use the originating Ip Address , not the misconfigered server information