How can spammers send email using my domain name?

If you have received SPAM email from your own domain name, it can be disconcerting. But it does not necessarily mean you (or the server) have been hacked. Most often, it is another reason altogether. Here is why.

There are two methods of sending email, both of which spammers use:

1. Sending Email Through Your Email Account

Just like you do, if a spammer gains access to the username/password of your email account, they can log in and use your email server to send emails.

2. Sending Email From Their Own Web Server

This is how most spam is sent. Any server can send emails and code can make the reply address say anything. A few lines of code could send an email from bill.gates@microsoft.com.

Most SPAM is sent using #2 above. So a quick line of code and they can send an email that looks like it was sent from your domain, but had nothing to do with your domain.

WHY WOULD SPAMMERS SEND EMAIL FROM MY DOMAIN?

The main reason is to bypass spam filters. You might also easier trust an email sent from your domain. So when a spammer has your email on a list (e.g. wendy@webinstinct.com), they write code to send email "from" another account @webinstinct.com. This helps the spam email make it past a spam filter as well as seem more familiar to the you, the recipient.

IS THERE A WAY TO TELL WHERE THE EMAIL CAME FROM?

There sure is. Every email contains a header, which your email program hides from view. This header contains all sorts of information about where this email came from and how it was sent. It is often very easy to confirm that the reply address with your domain did not actually originate from your server.