Spammers using your e-mail address

The original question was, "Someone appeared to be using my e-mail address in their spam messages. Is there anything I can do about this?"

Welcome to the wild wild Internet. First a little back story, and then a partial solution.

How / Why are people using your e-mail address?

They got your e-mail address off the net somewhere and are using it as the from address when they send bulk spam e-mail.
A virus (or more correctly a trojan, or more generically malware) on a computer has looked inside of the local address book of the infected machine. It found your e-mail address, and another e-mail address, and is sending mail from one to the other in the hopes that the recipient will recognize the sender, open it up and get infected.
A spammer found your e-mail address, and is sending e-mail to you, from you, in the hopes that you will again open it because it is from you.

What can you do?

Well the best thing to do is to put SPF records in your DNS. Yeah, it isn't the big red button solution, but it is a solution. SPF records are used by large mail systems (Google gmail uses them for example) to verify that a machine is authorized for sending e-mail. For instance...

Let's say that the mail server at mail.example.com sends mail to someaddress@gmail.com and the from address is "junkemail@handynerds.com"

Gmail will look up the SPF record at handynerds to get a list of all the mail servers that are authorized to send mail using a from address of handynerds.com Because example.com is not one of them, it will refuse (or at least suspect) the mail.

If I send mail from my handynerds.com mail server, it all works just great because my mail server is allowed to send mail from that domain.

How do you get an SPF record? Well I have some more information at a page that talks about ISP black lists and SPF records.

This actually is a discussion about me setting up a new e-commerce site with its own dedicated mail server and the issues that I had to go through. Hopefully helping others do the same. It includes a discussion about SPF records.

In short, it requires you to add a record to your DNS for your domain. If you are hosted, you most likely need to ask your service provider for help. If you are using DNS at godaddy, it can be done through TXT records. If you want to run your own DNS, I highly recommend editdns.net. They are free, and have great customer service.

Running your own DNS is not for the faint hearted though. I run my own because I am familiar with it, and because I am also running IPv6 so I need specialized records. It is really easy to mess something up and take yourself off the grid (so to speak) so make sure you know what you are doing.

Good luck.

--Brett Thorson
   http://www.Best4Men.com/
   The best men's grooming products, all in one place.