How do I stop someone using my domain for Spam emails?

Hi Blog Readers,

Every now and then I seem to have one of those low life Viagra sellers using my domain for spam emailing people.

I have done everything I can think of to try and prevent then from doing this, but they seem to keep doing it. 

I just wondered if anyone out there new of a way to stop them?

The headers from one of the bounce backs look like this:

Received:from (
by with SMTP id o8si307731weq.161.2010.;
Received-SPF: fail ( domain of does not designate
permitted sender) client-ip=;
Authentication-Results:; spf=hardfail ( domain of does
not designate permitted sender)
Subject:Where we are well established we are

As you can see from the headers, I have setup the SPF record and it is receiving a "hardfail"

We are using Google Apps for our email hosting, so you'd kinda hope that they have got things pretty much secured down, so what I am missing? Or is it always going to be possible for other people to fake sending emails using another domain?


Chris Houston

Chris is the founder of Vizioz and has been working in the field of website development for over 20 years. Chris has been working with Umbraco since 1998 and now spends his time running both Vizioz and QV Offices.

comments powered by Disqus