how to stop spoofed email addresses?


ricks99
02-17-2006, 03:45 AM
First, I'll chime in and say I love bluehost -- great host at a great price. :)

Now, my problem:
I'm seeing a lot of "spoofed emails" that appear to be coming from my domain (foo@mybluehostdomain.com). These are obviously spoofs and invalid email addresses. Is there any way to stop this? I don't want folks to think that they're being spammed by me.

Also, I see a lot of email being sent to my domain to an invalid email address (such as someunknownuser@mybluehostdomain.com). Other than turning off the "catch-all" email address, is there a way to stop this?

Thanks,

-R

smiffy
02-17-2006, 04:06 AM
Other than turning off the "catch-all" email address, is there a way to stop this?
That's the problem when using a catch-all email address. It means every email sent to anyname@yourdomain will get through which gives spammers a broad target to shoot at.

If you limit your email addresses to those that are essential, 95% of spam sent to your domain will get bounced. Takes only a few minutes to set up and saves you loads of time dealing with spam.

thirstee
02-17-2006, 08:49 PM
Talk to Tech Support about setting up an SPF (spoof) record. It stops all email that did not originate from a list of domains that you send out mail from, i.e. business email, home email (basically all the SMTPs that you are using). I had a similar problem at a previous ISP and they couldn't solve it. I spoke to BH tech support prior to signing up and they told me about the SPF and set me up that day, and I have not had the problem at all.
Good Luck!

jdh
02-18-2006, 06:37 AM
An SPF (Sender Policy Framework) record will certainly help the situation (you can read more about how this works here (http://www.openspf.org/)), but you should keep in mind this is not completely foolproof, as it requires the receiving organization to support SPF or SenderID (Microsoft's implementation (http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx) of SPF).

Basically, you publish an SPF record in your DNS (or in this case have Bluehost do it for you) that identifies those mail servers that are allowed to send mail representing your domain name. Any receiving server that supports SPF/SenderID will check for the SPF record and reject the e-mail in some fashion if it didn't come from a permitted mail server.

This rejection could take the form of silently discarding the message, bouncing it back to the sender, or moving it to the user's junk mail folder, so even the specific implementations are slightly different.

Some of the major web e-mail services are now starting to support this technology, but it's still not in widespread use, so it's not a foolproof solution to ensure that nobody ever gets an e-mail with your domain or e-mail address in the "from" line.

thirstee
02-19-2006, 09:10 AM
But is that probably the best choice for now?

walker
02-19-2006, 09:54 AM
Basically, you publish an SPF record in your DNS (or in this case have Bluehost do it for you) that identifies those mail servers that are allowed to send mail representing your domain name. Any receiving server that supports SPF/SenderID will check for the SPF record and reject the e-mail in some fashion if it didn't come from a permitted mail server.


That's fantastic. I didn't know that. Invalid emails at my domain have been used in the past (about three/four years ago) for spam runs. This is good to know should it ever happen again. Very impressive that Bluehost would enable it for users too.

jdh
02-19-2006, 11:27 AM
But is that probably the best choice for now?
Well, to be fair that's probably the only choice for now. I guess the short answer is that something is better than nothing.

There was some discussion that Hotmail was going to start enforcing SPF records as part of Microsoft's SenderID specification last November, which would have meant that anybody without an SPF record for their domain wouldn't be able to send to Hotmail users. Realistically, I don't think they ended up being able to do this. As far as I know, Hotmail will read and use an SPF record if it exists, but it does not yet require an SPF record.

Bottom line is that it's certainly not going to hurt to have an SPF record put in, as long as it's properly constructed (and I'm assuming Bluehost's staff can figure this out for you, since they know which mail servers are involved).

It's just important that you don't expect this to actually be a full solution to the problem, since there are a lot of systems out there that don't support it (in other words, don't assume that once you put this in that others could implicitly trust all mail from your address as actually coming from you).

thirstee
02-19-2006, 11:51 AM
Yes, like I said before. I contacted Bluehost prior to buying services with them. They said it's a simple 1 line record. They added it for me at the time of signup and now, for the past few months, I have not had the problem. My old crappy host just blamed it on me and turned off my account without warning, saying it was too much bandwidth on their servers. They said they were getting 100k + bounces per hour and never heard of an SPF record! Such morons! It took 1 call from a non customer to see BH knows their stuff! Thanks Bluehost!

ricks99
02-20-2006, 03:18 AM
Thanks for the suggestions. I've turned off my "catch-all" address. Hopefully this will help.

vegasgwm
03-29-2006, 06:02 PM
I came across this and I think it's a great thing to know. I too have a serious spoofing problem that worries me. I'm gonna nip it in the butt right now. Thanks for the great advice.

Esmart
12-21-2007, 07:50 PM
I don't use a 'catch-all' but have been set upon by a spoof attack for my main domain webmaster email address.

Unlike the good experiences here - Bluehost shut down ALL my sites and email without warning - oh, yes, they sent an email to the address they had just shut down. As this occurred Sunday morning my time, I didn't realise until Monday morning.

I must say, that upon informing them that we certainly were not responsible for these emails, they got my sites back up.

They blamed it all on me - saying I had 2 autoresponders operating - which I didn't - one was abandoned, and has since been removed.

Anyone knows that all a spoofer needs is a legit email address and the IP of your server. They don't need to access scripts on your site.

Unfortunately they have [without warning again!!!] shut down this email address. I am grateful they have left my sites up this time, but it is unfortunate that they don't seem to adopt a partnering approach. They wouldn't offer any advice as to how I could prevent this in the future [probably coz there is nothing I can do] and couldn't provide any information or proof surrounding the attack.

I would be very grateful if anyone else can tell me of any way to prevent spoofers using my email addresses.

Thanks
Esmart

felgall
12-21-2007, 08:04 PM
Nothing you can do about emails sent from elsewhere that appear to come from your address but then those shouldn't cause any issues with BlueHost. The only ones that would be a problem are those where the emails actually pass through your hosting account on their way out. That would require either that a script on your site allows the sending of emails or that the spammer knows the access details of your outgoing email configuration to be able to connect to your account to send emails as if they were you. That would require a knowledge of your email account password (amongst other details).