Combat domain spoofing with SPF records

Recently my domain was used to send spam. I found this out when my VPS host sent me an alarming email informing me he was getting complaints that emails were being sent from my domain!

This is possible because anybody can put whatever the like in the From field so they were putting xxxxx@pross.org.uk.

I had setup my domain as a ‘catchall’ address which was BAD, I didn’t realize this was a spammers dream!

So how to fix this:

First make sure you DONT use catchall addresses.

Now the SPF record comes in to play.

I had to add the following to my DNS record for pross.org.uk:

v=spf1 ip4:193.104.186.137 include:_spf.google.com -all

This allows my server IP and spf.google.com to send from pross.org.uk all else is -all a hard fail.

This seems to be working perfectly well so far, spam in my inbox has dropped dramatically and my VPS and DNS hosts are a lot happier!

I’d like to thank Rens Ariens at Yisp.nl and Joshua Anderson at http://freedns.afraid.org