I’ve started receiving bounces for undelivered mail that I haven’t sent. It seems it’s my turn to have my mail domain spoofed for e-mail harvesting spam again. The spam mails appear to all be in HTML format and claim to be in response to signing up to a newsletter.
If you don’t know, ‘spoofing’ is forging the address to look like it comes from someone else that you’re more likely to trust, in this case my domain, ‘delphia.co.uk’. The mail was never sent by me, or from a user on my mailserver, as I don’t actually have a ‘delphia.co.uk’ mailserver. All my mail passes through an authenticated server on my host, 1&1, and legitimate mail from me starts it’s first hop at ‘mrelayeu.kundenserver.de’ (which you’ll see in the headers).
There is nothing much that can be done about spoofing, as anyone can currently fake the sender address in an e-mail. Until something like the Sender Policy Framework or an equivalent is used by the majority of the ‘net there is no way to know if a mail is from a legitimate source.
Related: Spam Trends.