People Can Spoof Emails from Your Domain Name

Over the years, I have had several people ask me to let them have an email address on a domain name I own. Some people like having an email address from a particular domain name because it’s a novelty and others want to have because the something is related to their profession or personal interests. I have never offered an email service and I have no interest in offering it for many reasons.

Yesterday afternoon, I received a phone call and text messages from someone who apparently received an email that looked like it came from one of my domain names. Someone harassed her from a made up email address, and she asked me for information about the email address because she saw that I own the domain name. Obviously (from my perspective) the email was spoofed, but it was quite disturbing to hear that someone chose one of my domain names to use for this.

Luckily, this seems to be an isolated case rather than someone using a domain name to run a large scam or spam campaign, but it is still something domain owners should know is possible. If a domain owner offers email service from their domain names, this can be even more problematic and require legal intervention.

When you have good domain names, especially domain names that sound “official,” there could be people out there pretending to be affiliated with the domain name or website. In fact, Uniregistry Market even has a canned response for domain owners who receive inquiries from people who believe they received spam from a parked domain name:

“If you received a spam email which you believe came from one of our website addresses, you must understand that identifying information in email is easily forged by spammers. We do not send email from any of our website addresses. In fact, since we only use these website address for providing web pages, we work with a leading spam detection organization to collect and forward email to them for spam identification, because there should be no reason why anyone is sending email to our website addresses.”

When you have desirable domain names, there could be people who use them to send spam, scam, or harass others.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn
  1. Yes, they can spoof an email address, but now there is another chilling aspect.

    These slimy scammers have figured a way to add code to the encoded original message that masks their real email address and shows YOUR address, usually with a recipient of a brand name, for example, Canon[at] .

    For now, they are still unable to spoof IP numbers within the encoded message, but it’s only a matter of time.

  2. I have, typo of millionaire and you can’t imagine how many emails I got on that because someone or likely many people who are not great at spelling were spoofing that url to send notices to people claiming to give them money. I set up some restrictions around my email which did cut back on it a good deal. This article is a good start at reducing people’s ability to spoof you

  3. Elliot, that’s an interesting topic you are discussing here. I own a couple names where people frequently abuse my name through spoofing so I am not new to this. What do you propose to do in such a case and do you believe you can be held accountable for this if the investigators believe you are sending them?

    Anyway, I always wanted to do what you propse in the other article and start such an email service. I like your points in the other article, but as a business owner you always assume risks others are not willing to take, that’s just part of the game.

    Just a hypothetical question, if I would develop something like a parking service for renting out email addresses and take a small percentage, would you consider being a customer? I am thinking the addressable market would probably be rather small, so may not be worth it, but I like the idea, especially since email uses different DNS servers so you could host it elsewhere (DomainNameSales) and only redirect the mail records to such a service. So you’d have the best of both worlds.

  4. You should set the SPF Record in DNS of your domains. In Godaddy you only can access the feature in Classic DNS. If you didn’t do it, someone can made an amail with your domains easily for spamming.

Leave a Reply

Recent Posts

Questions Related to Uni —> Afternic Parking Migration

If you are a Uniregistry customer, you most likely received an email explaining the upcoming migration of the Uniregistry Market and parking platform to...

Some Uni-Registered New gTLDs Will be Transferred to 1API

I received an email from Uni (formerly Uniregistry) that I initially thought was a Whois verification email and almost ignored. It was, in fact,...

Advice and Resources for a Newbie Domain Investor

Someone reached out to me on Twitter seeking advice for selling domain names. In a short tweet thread, I shared a few thoughts and... Now Forwarding to ChatGPT Website

Early this morning, Andy Booth tweeted about, asking if the domain name was acquired by ChatGPT. Andy presumably asked because the domain...

Markmonitor Highlights Job Openings

Last week, GoDaddy layoffs impacted 8% of its workforce around the world. I am sure there are quite a few experienced people seeking new...