People Can Spoof Emails from Your Domain Name

Over the years, I have had several people ask me to let them have an email address on a domain name I own. Some people like having an email address from a particular domain name because it’s a novelty and others want to have name@something.com because the something is related to their profession or personal interests. I have never offered an email service and I have no interest in offering it for many reasons.

Yesterday afternoon, I received a phone call and text messages from someone who apparently received an email that looked like it came from one of my domain names. Someone harassed her from a made up email address, and she asked me for information about the email address because she saw that I own the domain name. Obviously (from my perspective) the email was spoofed, but it was quite disturbing to hear that someone chose one of my domain names to use for this.

Luckily, this seems to be an isolated case rather than someone using a domain name to run a large scam or spam campaign, but it is still something domain owners should know is possible. If a domain owner offers email service from their domain names, this can be even more problematic and require legal intervention.

When you have good domain names, especially domain names that sound “official,” there could be people out there pretending to be affiliated with the domain name or website. In fact, Uniregistry Market even has a canned response for domain owners who receive inquiries from people who believe they received spam from a parked domain name:

“If you received a spam email which you believe came from one of our website addresses, you must understand that identifying information in email is easily forged by spammers. We do not send email from any of our website addresses. In fact, since we only use these website address for providing web pages, we work with a leading spam detection organization to collect and forward email to them for spam identification, because there should be no reason why anyone is sending email to our website addresses.”

When you have desirable domain names, there could be people who use them to send spam, scam, or harass others.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn
  1. Yes, they can spoof an email address, but now there is another chilling aspect.

    These slimy scammers have figured a way to add code to the encoded original message that masks their real email address and shows YOUR address, usually with a recipient of a brand name, for example, Canon[at]example.com .

    For now, they are still unable to spoof IP numbers within the encoded message, but it’s only a matter of time.

  2. I have millioniare.com, typo of millionaire and you can’t imagine how many emails I got on that because someone or likely many people who are not great at spelling were spoofing that url to send notices to people claiming to give them money. I set up some restrictions around my email which did cut back on it a good deal. This article is a good start at reducing people’s ability to spoof you https://www.godaddy.com/help/add-an-spf-record-19218.

  3. Elliot, that’s an interesting topic you are discussing here. I own a couple names where people frequently abuse my name through spoofing so I am not new to this. What do you propose to do in such a case and do you believe you can be held accountable for this if the investigators believe you are sending them?

    Anyway, I always wanted to do what you propse in the other article and start such an email service. I like your points in the other article, but as a business owner you always assume risks others are not willing to take, that’s just part of the game.

    Just a hypothetical question, if I would develop something like a parking service for renting out email addresses and take a small percentage, would you consider being a customer? I am thinking the addressable market would probably be rather small, so may not be worth it, but I like the idea, especially since email uses different DNS servers so you could host it elsewhere (DomainNameSales) and only redirect the mail records to such a service. So you’d have the best of both worlds.

  4. You should set the SPF Record in DNS of your domains. In Godaddy you only can access the feature in Classic DNS. If you didn’t do it, someone can made an amail with your domains easily for spamming.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Recent Posts

The Price Will Increase or the Domain Name Will be Sold

2
At our town's annual meeting, there was a discussion about paving a secondary road. The non-critical infrastructure project was needed to be done at...

Diamond.com Sold via Saw.com for 7 Figures

2
A little over a week ago, I came across Diamond.com, and I noticed its coming soon page. When I scrolled down, I saw a...

I Would Love to Go Back in Time

1
NameBio does a very good job of tracking down and reporting domain name auction results. Domain investors aren't the only people who use NameBio...

Dynadot Now Allowing Imported Leads

4
Domain investors have another option to transact domain name sales. Dynadot Founder and CEO Todd Han announced that Dynadot customers can now import their...

Challenge of Buying a Domain Name from a Big Company

1
There are many large companies that own domain names that aren't being used. This can be due to corporate acquisitions and mergers, killed products...