Hi Blog Readers,
Every now and then I seem to have one of those low life Viagra sellers using my domain for spam emailing people.
I have done everything I can think of to try and prevent then from doing this, but they seem to keep doing it.
I just wondered if anyone out there new of a way to stop them?
The headers from one of the bounce backs look like this:
Received:from rctp.telecomitalia.it (host49-133-dynamic.52-82-r.retail.telecomitalia.it
by mx.google.com with SMTP id o8si307731weq.161.2010.07.23.05.33.53;
Received-SPF: fail (google.com: domain of email@example.com does not designate 188.8.131.52as
permitted sender) client-ip=184.108.40.206;
Authentication-Results: mx.google.com; spf=hardfail (google.com: domain of firstname.lastname@example.org does
not designate 220.127.116.11as permitted sender) email@example.com
To: NAME REMOVE <EMAIL@REMOVED.COM>
Subject:Where we are well established we are
As you can see from the headers, I have setup the SPF record and it is receiving a "hardfail"
We are using Google Apps for our email hosting, so you'd kinda hope that they have got things pretty much secured down, so what I am missing? Or is it always going to be possible for other people to fake sending emails using another domain?