
Inbox Flooded with return E-mails

         

Pingin

12:58 am on Jun 2, 2005 (gmt 0)

10+ Year Member



Recently my inbox has been flooded with 3,000 "return to sender" e-mails. This inbox is for all e-mails sent to my domain. It appears my domain name is being used by a spammer or trojan. I am pretty sure the e-mails are not being sent through my server, but merely my domain is being used in the headers so all return mail is being sent to me. So now to the question: How do I make this stop... I'm guessing I'm not the 1st person to have this problem? How can I stop my domain name being used by spammers, and how do I stop my domain inbox being flooded with all the return e-mail?

MatthewHSE

2:04 am on Jun 2, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Welcome to WebmasterWorld!

If your domain is being spoofed, there's not a thing you can do to stop it. Yes, it's annoying, but it's unavoidable and if you ask around here, I'd say most people will tell you it's happened to them at least a few times in the past.

Of course, you should check to make sure that your site hasn't been exploited somehow so that your server is actually being used to send the messages. That can happen, but from what I understand it's far less likely to happen than for someone to simply fake your domain.

And, then, there's always the possibility that someone's trying to Joe-Job [google.com] you. This article [sitepoint.com] from SitePoint gives some details on how to cope with that type of trick.

And if the flood of bounce messages gets to be too much, about the only thing you can do is set up auto-delete filters and try to forget about it. Unless your server has been compromised, the problem will go away after a few days, until, of course, it happens again . . .

idoc

3:07 am on Jun 2, 2005 (gmt 0)

10+ Year Member



You might think about adding an SPF record for your domain if you haven't already done it. The SPF, or Sender Policy Framework, is a part of the Sender ID proposal for email that is gaining ground. It consists of a text file in your DNS record that verifies the server name and IP address that is authorized to send mail through your domain. You then register your information with a database... it's also free. It won't stop the forged bounces back to you *but* will help keep your domain and actual mail servers' IPs from being flagged as spam relays with the spam list providers. You can filter the bounces with procmail or another mail filter if you want, or maybe forward the bounces to an alias email box so that you can monitor it as you need but it won't glob your actual mailbox.

<digression/>... Most spam lists are invaluable and there are a lot of good folks giving a lot of their time to keep them up. Another one in particular is run by a bunch of "cowboys" who try to "preemptively" stop spam by flagging entire netblocks of upstream providers. This one actually gives false domain contact information and can only be reached by newsgroup posts... if they *want* to be reached at all. There is absolutely no accountability whatsoever with them. You can very innocently wind up here and if you do you can count on your sent mail coming from your IPs bouncing rejected back to you indefinitely... particularly to AOL and RR addresses if you get on the list.
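
Added example (not part of idoc's post or of anything else in this thread): a Python bounce filter of the kind mentioned above, which also covers MatthewHSE's earlier advice to check whether your own server really sent the mail, by reading the copy of the original headers that most bounces carry. The relay name `mail.example.com`, the function names and the sample bounces are assumptions constructed for illustration.

```python
import email
from email import policy

# Assumption (not from the thread): every message this domain really sends
# passes through this relay, which adds a "Received: ... by <relay>" header.
OUR_RELAY = "mail.example.com"

def embedded_original(bounce):
    """Return the original message, or just its headers, carried in a bounce."""
    for part in bounce.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":
            return email.message_from_string(part.get_content(), policy=policy.default)
    return None

def classify(raw_bounce):
    """'ours' = left via our relay (investigate the server);
    'backscatter' = forged sender, safe to filter; 'unknown' = review by hand."""
    bounce = email.message_from_string(raw_bounce, policy=policy.default)
    original = embedded_original(bounce)
    if original is None:
        return "unknown"
    hops = [str(h).lower() for h in original.get_all("Received", [])]
    # A spammer can forge a Received line naming our relay; that only pushes
    # the message into "ours", i.e. towards a closer look, never away from it.
    return "ours" if any("by " + OUR_RELAY in h for h in hops) else "backscatter"

def make_bounce(original_headers):
    """Constructed sample: a multipart/report bounce wrapping the given headers."""
    return (
        "From: MAILER-DAEMON@mx.recipient.example\nTo: sales@example.com\n"
        "Subject: Undelivered Mail Returned to Sender\nMIME-Version: 1.0\n"
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"\n'
        "\n--b1\nContent-Type: text/plain\n\nUser unknown.\n"
        "--b1\nContent-Type: text/rfc822-headers\n\n" + original_headers + "\n--b1--\n"
    )

FORGED = make_bounce(
    "Received: from [203.0.113.7] by mx.recipient.example with SMTP\n"
    "From: sales@example.com\nSubject: constructed spam\n")
GENUINE = make_bounce(
    "Received: from web01.example.com by mail.example.com with ESMTP\n"
    "From: sales@example.com\nSubject: constructed order mail\n")
NO_COPY = "From: MAILER-DAEMON@mx.recipient.example\nSubject: failure\n\nUser unknown.\n"

if __name__ == "__main__":
    for name, raw in [("forged", FORGED), ("genuine", GENUINE), ("no copy", NO_COPY)]:
        print(name, "->", classify(raw))
```

A mail filter can discard or file the "backscatter" results, while any "ours" result is a reason to inspect the server's outbound logs.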

kaled

11:03 am on Jun 2, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



This happened to me. I had to close the "catchall box" so that only mail directed at recognised mailboxes was accepted.

Of course, this meant setting up a load of extra mailboxes, etc, but it paid off.

Kaled.

MatthewHSE

12:54 pm on Jun 2, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



You can very innocently wind up here and if you do you can count on your sent mail coming from your IPs bouncing rejected back to you indefinitely... particularly to AOL and RR addresses if you get on the list.

Isn't that the truth. I've been on AOL's blacklist about three times, normally only for a week, but during that time I can't send to any AOL address at all. I've always been the innocent party, but they don't seem to care.

AlexK

9:54 pm on Jun 2, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



MatthewHSE:
the problem will go away after a few days

I've been in that situation with 2 domains for 2+ years.