What can you do with Comcast

Spam from your own e-mail address: You can do this against mail spoofing

You open your mailbox and discover several spam emails. Nothing unusual actually, but on closer inspection you find that the spam is coming from your own email address. You have probably become a victim of so-called mail spoofing. What is behind it and what you can do about it, you will find out in this guide. First of all, some good news: A hack of your account is rarely the reason.

Explanation: This is what happens with mail spoofing

First of all: the large e-mail providers such as GMX or Gmail are already fairly secure today. Thanks to more and more security features, attackers are finding it increasingly difficult to hack mail accounts.

But there is a method other than hacking that attackers can use to at least make your e-mail identity their own - so-called mail spoofing. Your account will not be hacked with spoofing, but “only” your address is used. This can mainly happen in the following two situations.

Free choice of sender in e-mail programs

Some e ‑ mail clients allow the sender of a mail to be edited freely. This function can be abused for criminal purposes. So that the spam cannot be traced back to the attackers, they use any other address - yours if you are unlucky.

The result: Spam appears to be sent from your own email address. But the authors of the spam are not always concerned with disguising the sender. Sometimes they just want to make you curious so that you click on the email and maybe even open unsafe attachments.

Outdated logs on email servers

Mail spoofing is also possible if a mail server is using outdated protocols. These make it possible to gain access to the servers via clients or specially developed programs and to furnish oneself there with a false sender identity. If attackers want to send spam in this way, they only need to come up with an address as the sender and addresses of recipients.

Bounce emails give indications of abuse

If a recipient address to which a spam mail is sent is not valid or if the spam mail is rejected by the server, the sender receives an automated response, a so-called bounce mail. This error email explains (often in English) that an email could not be delivered.

If you get such an email yourself, it is possible that spam was sent from your own email address. This is especially true if you cannot do anything with the content of the mail, so you definitely did not send it yourself. At this point at the latest, you should take measures to prevent this from happening more often.

When you receive spam from your own email address, sometimes it is best not to do anything.

React correctly to spam from your own e-mail address

If you have your e-mail address with a large provider and are receiving spam from your own address, first of all you have to wait and see! In no case should you reply to spam, Send acknowledgments of receipt or click dubious links. This is how spammers recognize that your email address is valid, active and therefore worthwhile to misuse. Simply move any bounce emails to the trash and wait.

If you have rented a domain and use it to send (business) emails, you shouldn't wait and take action - after all, spam could damage your business. These measures are particularly important:

  • Switch off the “Catch-All” function in the mail server settings.
  • Activate the “Sender Policy Framework”.
  • Let your customers know that your email address may be being used for spam right now.

If you do not know how to activate or deactivate the functions mentioned, contact the customer support of your domain host. You can find more information about “Catch All” and “Sender Policy Framework” in the info box.

Get domain or mail providers on board

No matter where you have your email address, if you get spam from your own address, you should Contact your mail provider or domain host and point out what is happening. This is important for two reasons:

  • If the spam emails from your account get out of hand, the provider may block your account. Usually he only does this in consultation with you so that you can react accordingly. Still, it can't hurt to prevent it.
  • Together with your mail provider you can try to identify the actual sender of the spam. Many large providers, such as Gmail, offer a mail spoofing report service. If the criminal sender can be found, he ends up on a blacklist so that his e-mails are generally rejected in the future.

Working with your mail provider or domain host also has the advantage that your information may help them can close the security gap, through which a mail spoofer gained access to servers.

What is “Catch All” and “Sender Policy Framework”?

The “Catch All” function ensures that all mails to a domain you rent arrive - regardless of whether the associated addresses exist or not. For example, if someone sends an email to [email protected] - but you didn't set up this address at all - it ends up automatically at [email protected] (or a similar, central address). This gives spammers the impression that these partially “guessed” addresses actually exist - and may therefore continue to use them to send spam.

A “Sender Policy Framework” ensures that mails from your domain can only be sent from specified IP addresses.

Don't panic - but don't ignore it either

If you send spam from your own email address, there is no need to panic. Most of the time, the account was not hacked, only the address was used without permission. Still some measures are recommended to protect yourself and to catch spammers. To do this, work with your email provider so that they can track down the attacker and put him on a blacklist. As the owner of your own domain with a mail server, you should always inform your host about the spam situation and activate a “Sender Policy Framework”.

Disclaimer OTTO (GmbH & Co KG) assumes no liability for the correctness, topicality, completeness, effectiveness and harmlessness of the information and recommendations made available on updated.de. It is expressly pointed out that the official manufacturer's specifications are to be observed before all other information and recommendations and only these can guarantee a safe and proper use of the respective purchased items.

Time to share: & nbsp If you liked this article, we are happy!