E-mail ‘spoofing’ victimizes innocent domains.

Have you received spam from

You might think so.

I think not.

Spammers routinely engage in an illegal practice commonly known as e-mail spoofing, and more technically as e-mail header forgery, to hide the true origin of their spam. They search for valid (and innocent) domain names, then use them to generate bogus ‘return addresses.’ They may also use software that obscures e-mail headers, which you do not see, to mask the routing of the message. There is virtually nothing that can be done about it, especially since most of the spam apparently originates outside the United States or Great Britain.

It is as if someone were involved in a massive postal mail scam in which fictitious names at your return address were printed on the envelopes. But although they give your ‘Hometown, USA’ address, the envelopes – if they are postmarked at all – are postmarked China, Germany, or perhaps a once-Soviet republic!

My personal domain name has been fraudulently abused in this manner probably many thousand times.

When I first registered the domain, I had my web server forward to my e-mail server. I was occasionally receiving up to 30 ‘bounced (undeliverable) mail’ messages daily. One morning I deleted more than 500 bounced mail messages from my inbox. Some had been rejected by spam filters, but most were addressed to randomly generated, and hence invalid, addresses. I now have only 3 valid e-mail aliases, and everything else is trashed unforwarded.

This experience has undoubtedly been shared by thousands of innocent domain registrants.

What do I do with suspected spam?

Delete it!

Do not open any attachments.

Do not click on any link. That ‘Remove Me…’ link is a scam.

Do not click anywhere in the body of the message. The entire thing may be a link.

Do not reply to the message. The ‘return address’ is probably bogus anyway.

Do not send an e-mail to an address provided in the message.

Typically, most spam recipient addresses are randomly generated. If a spammer receives any response from you, it will simply notify him that your address is a valid address, worthy of further attention.

Clicking on a link may, unknown to you, download malicious software.

If your e-mail is downloaded to Microsoft Outlook Express and you want to view the header of a message, select File — Properties — Details — Message Source. To check an IP number, go to I sometimes view the headers of spam mail. When I can determine the place of origin, it is usually a country in which English is not the primary language, as I often suspect based on unusual grammar in the message.