Customer may experience in receiving spam, spoof or phishing email that email sender is your domain such as info@yourdomain.com, account@yourdomain.com or name@yourdomain.com etc...
How do I stop someone From Spoofing My Domain ? It is not be possible to stop someone from using your email address as the from address. The reason is the spammer NOT used your server. They just used outside's ISP SMTP server. (e.g. smtp from Russian, UK, USA etc..)
How to resolve the Email Spoofing/ Phishing email ? Two methods : 1) Blocked your domain (see below) or 2) SPF Record (see below)
Add Rule --> Reject Mail From --> input --> *@yourdomain.com --> Add Rule
Save
Add your domain to the blocked domain list : Any internal messages in your domain will continue to be sent/received with no issues, but anything else received from outside that appears to be from your domain will be blocked. If your business uses any third-party systems, programs, etc. to send messages from your domain from outside of the network, be sure to add the server IP address to the Accept Network IP list (see faq)
Default Trust IP List : Webmail Server, smtp.abchk.com, smtp.yourdomain.com
FAQ ?
Q : Why blocked domain will blocked spam mail used as sender ? A : All spam mail filtering by our MX server. Blocked your domain means all sender from *@yourdomain will
blocked by our MX Server. (included spam or phishing email used your domain as sender)
Q : What happen if I send email to my staff
A : smtp.abchk.com / smtp.yourdomain.com / Webmail server IP whitelist already.
Q : Can I allow our ERP/ Web server Server IP that used our domain send email ?
A : yes : Add Rule --> Accept Network IP From --> input server ip address --> Add Rule --> Save
Q : Can I used netvigator smtp server send email ?
A : yes, but make sure sender email is not the domain you blocked.
Q : Can I used netvigator smtp server send email that sender is my email
A : No
2) How to used SPF record prevent Email Spoofing ? Our default SPF value for domain is "v=spf1 include:_spf.abchk.net ~all" Please change SPF value to "v=spf1 include:_spf.abchk.net -all" And make sure included all ip that require used your domain send email to the SPF TXT filed. for example : "v=spf1 include:_spf.abchk.net IP4:202.85.123.110 IP4:123.34.52.110 -all"
What is the different of SPF Record above ?
The different is on "~all" and "-all" which call "Softfail" or "Hardfail", please click this link for details