On Tue, Jul 10, 2012 at 6:05 PM, Majala Mlagui <majala@maarifa.co.ke> wrote:
Hi,
I have a domain (@mydomain.com) with email hosted on Google Apps. Recently I have been receiving mail delivery notification failures for emails supposedly initiated from hijacker@mydomain.com and bouncing back from various organisations.
Hijacker has somehow managed to register multiple email accounts on @ mydomain.com . (These are not on my Google Apps admin panel or my domain hosting Cpanel mail accounts)
Is there a way of 1. Ensuring registration of unauthorised accounts on @ mydomain.com do not occur. 2. Finding and deleting any current unauthorised accounts.
Better still does anyone know how this kind of email hijacking happens?
Thanks!
Majala
In it's simplest form, this is called e-mail spoofing and there is nothing you can do to stop someone from spoofing. However, you can make an attempt at ensuring that MTAs will only accept mail with your domain in the headers if sent from *authorised servers.*This is called SPF. Start here and read -> http://support.google.com/a/bin/answer.py?hl=en&answer=33786 -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler.