This is intentinal by the spammer who may or may not be part of the "company". Your domain has been forged as the "sender".

A lot will depend on how you host has things set up and the access they give you to email settings.

I would call them and see about setting up a "catch-all" email address that sends everything not addressed to a valid email account (designated by you) to dev-nul. Or, see what other suggestion that may have for your type of account.

Unfortunately, I think we have all suffered with this scenareo at one time or another.

It seems there is nothing that can be done, as it is simple for a spammer to populate the "return address" with anything they like. I believe it does not actually need to be sent via your server to achieve this.

Make sure that if you have Matt Wright's "formmail" script installed on your host, that it is the protected version. Many versions of the formmail script floating around and preinstalled on many servers are not protected and are easily exploited by spammers.

The above just insures that, in fact, your domain isn't helping a spammer actually send out their stuff via your domain. Let them pay for their own servers to do that, or at least exploit someone else...

I have a similar problem with my formmail.php script. Some spammer is using it heavily to send his spam over my server. It is a "protected" version, checking the referer via the $HTTP_REFERER, but aparently the spammer is sending the header correctly and the emails are send by my formmail script. Anything I can do against that?

I'm sorry I can't help you, wished I could so I could help myself too. Recently I started to receive mails, containing pornographic messages or other spam, send to my domain mail address.......from my domain address, so I spam myself (no, I don't do it, somebody is abusing the domain mail address). I use forum and had the mail function enabled for the users but disabled it, thinking some user was the abuser and I have a bravenet mail form on my site, the script does not contain the mail address. I also bounced several mails before the abuse started and i thought perhaps the bouncing caused the send mail to me thing. I called my host and he told me to wait if others started to complain. They would call me if the mailservices would increase heavily. I'm not content with this answer but untill now, I have had no complains from any other who has been spammed. I have catch-all but it doesn't seem te help, the mail is send to the catch-all address. Does anybody know how this could happen?

Hello All

I don't know if this has already been discussed because I have just skimmed through the postings on this page.

For those of you who are having spamming problems from emails that you did not send and are getting complaints about, I have a question for you all.

Is your site hosted on a shared ip or a dedicated static ip address?

There are many things that can go wrong with a shared ip address and on top of that list is spammers.

If you switch to your own dedicated static ip address all of these problems should easily go away.

If you are on your own dedicated static ip address already and you are still having this spam problem the problem is much more difficult to resolve.

Thanks for your answer, mine is static, so it's more difficult? I heard from somebody that it is quite easy to for instance in outlook use anothers domain address as a sender (I have no idea how, thank god..) so that also could be a reason. The ip numbers of the abusers are different all the time, I've tracked them.