Return to sender e-mail spam

[Longbow]

I keep receiving lots of bounced e-mails from non existing accounts on my domain.

Either these are completely fake, or someone is putting [email protected] in the from field.

I have DKIM & SPF enabled which I thought was supposed to prevent my e-mail address being spoofed.

Any thoughts or suggestions?

 

[Redrum]

SPF will advise receiving mail servers who can send out on your domain, but it's ultimately up to them. You could possibly tighten that up by changing the fail in your SPF from a soft fail to a hard fail, assuming you are currently using a soft fail as most people do.

Also have you checked that someone is actually spoofing your domain and it's not that your email accounts' passwords have been compromised, or if you have some hosting, that a contact form or similar has been compromised?

The problem is if you don't have a compromised account/server and someone is just using your domain, then the servers that are sending bounces back to you are badly set up because they should be rejecting the emails at the SMTP level rather than sending a bounce, so therefore the people that set them up probably didn't bother or weren't able to have them read SPF or DKIM.

It's know as backscatter if you want to do some reading about the subject. The servers sending it are probably on some blacklists so maybe using an email provider that uses spam blacklists would help.

 

[dan958]

I work in the industry and see it all the time.

Most of the time it is just a spammer sending as your domain, and it will stop in a few days.
Other times it is a virus on a computer you use taking control and sending out emails.

Wait a few days and it generally stops. Do a virus scan to be on the safe side.