Email Spoofing

Email "spoofing" happens when a spammer sends out spam to other people using completely unrelated servers and your email address as the return address. In this process, they are neither using your account nor using our server to send the email, but they forge the "reply to" address to be another address - in this case, yours.

It's effectively the same thing that happens if someone in California were to send a letter to someone in New York with your return address in Boston on it. If that letter wasn't deliverable, it would "bounce" back to you even though you and the post office in Boston had never seen it before. And there's nothing that you could do to stop it.

This ends up affecting you in a couple of ways. Sometimes, spammers will address the emails to you and make them appear to be from you. This can get around spam filters that scan for bad "from" email addresses.

In other cases, you'll get a slew of "undeliverable" email messages from random strangers. This happens when spam email using your email address is sent to other people. If it's undeliverable, the non-delivery notifications come back to you. Our mail server, seeing that these are legitimate non-delivery messages (in other words, they have been generated by a legitimate mail server), simply accepts them and passes them on to you.
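If you want to confirm that a bounce came from spoofed mail rather than from something sent through your own account, you can inspect the copy of the original message that most bounces carry. The following is an added example, not part of the original article or any Tech Superpowers tooling; the function name `classify_bounce`, the sample bounce, and all hosts and addresses in it are constructed for illustration.

```python
import email

# Constructed sample bounce (RFC 3464 layout); every host and address is made up.
SAMPLE_DSN = """\
From: MAILER-DAEMON@mx.recipient.example
To: you@yourdomain.example
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

Delivery to the following recipient failed.
--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mx.recipient.example

Final-Recipient: rfc822; nobody@recipient.example
Status: 5.1.1

--b1
Content-Type: message/rfc822

Received: from bulk.unrelated.example ([203.0.113.7]) by mx.recipient.example
From: you@yourdomain.example

(spam body)
--b1--
"""

def classify_bounce(raw, my_servers):
    """Summarise a bounce and check whether the original passed through our servers."""
    msg = email.message_from_string(raw)
    if msg.get_content_type() != "multipart/report":
        return None  # not a delivery status notification
    info = {"via_our_server": False}
    for part in msg.get_payload():
        ctype = part.get_content_type()
        if ctype == "message/delivery-status":
            for block in part.get_payload():  # per-message block, then per-recipient
                for key in ("Reporting-MTA", "Final-Recipient", "Status"):
                    if block[key]:
                        info[key] = block[key].split(";")[-1].strip()
        elif ctype in ("message/rfc822", "text/rfc822-headers"):
            # Some servers return the full original, others only its headers.
            orig = (part.get_payload(0) if part.is_multipart()
                    else email.message_from_string(part.get_payload()))
            info["original_from"] = orig["From"]
            hops = orig.get_all("Received", [])  # forgeable: a match is a lead, not proof
            info["via_our_server"] = any(s in h for h in hops for s in my_servers)
    return info
```

When `via_our_server` is false and `original_from` is your address, the bounce matches the spoofing pattern described above: the message claimed to be from you but never touched your mail server.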

In our experience, if you're getting email "bounces," they will subside after a day. Spammers don't reuse addresses very often - there are simply too many of them in their possession to use, so the effects simply come and go.

This article describes more about spoofing as a concept and how it generates these annoying emails.

In the case of spoofing, it's better to ignore the emails and delete the messages. That's the most effective thing that can be done when you're a victim of spoofing.

Even the smartest filters can't be trained to effectively combat these messages without compromising your ability to get email. Why? The reason is that there's nothing about the email that you receive that is actually spam. In fact, it's a legitimate email from another server to you, simply informing you that what it thinks is a message from you isn't deliverable. So trying to "blacklist" these servers or sending the messages to your spam filter's training folder will do you very little good. By doing so, you're just reducing your chances of getting an undeliverable message in the future if you send an email to one of those servers with, for example, a bad email address.

Tech Superpowers has been investigating this issue and has the ability to reduce the effects of spoofing on your email accounts using a feature called "SPF Records." Currently, we are testing this feature with a few select accounts to see how effective it is in reducing these undesirable emails. However, SPF Records come with limitations on how you can use your hosting account, so please read our SPF Information in detail, and contact us at hosting@techsuperpowers.com if you'd like to be put on our beta trials of this feature.
