Help! Spammer's are using my domain name!

From time to time we have clients who begin receiving a large quantity of bounced 
messages for spam that has their domain name marked as the "from" domain.

As much as we'd love to be able to fix the problem, we can't. There is nothing that
we (or any other webhost) can do to stop this.

Don't Believe Us? We totally understand. It seems crazy that this sort of thing can happen. However
it can and does. 

How Can Spammers Do this?

Actually it's pretty easy. Internet mail allows a sender to put any address into the "From" field of a message.
For example, you could open up your POP3 email program and set your mail to be from "president@whitehouse.gov"
and it would send off just fine. Of course the only catch is that you would never get any replies. The replies
would all go to the address you set the from to be. However spammer usually don't want the replies - they
just want to advertise their website, etc. and ignore the replies (since they are almost all bounces
and/or complaints). For the spammers, it's perfect. They send the spam and YOU get the complaints!

Can't you as my host block them from my mailserver?

We do block them. All of our mail servers are closed relays and only allow mail to be relied by
authorized users. However the spammers don't use your mailserver to send from - they use their own (or they
use the mail server of some clueless ISP/webhost that do have open relays). They just set the from address
to be your domain. 

Do I need to worry about this?

Not really. It's a huge pain to deal with all the bounces but in general it is very easy for any spam
hunter to see that the mail is not really from you. The headers show the true origination of the spam.

What can I do to stop the spammers?

To be frank - not a whole lot. You can read the headers and try to track down the true origination point
of the mail. Unfortunately most spammers go to a lot of trouble to make sure the path is pretty long and
hard to track. Even after you track them down you have to get all the different ISP's, hosts, etc. along
the way to help you find the users true name. Most won't unless you get law enforcement involved. What's
worse is that by then the logs of the original connections are often long gone.

More Information:

We sometimes have people who think that surely we are wrong and that we can stop this. Below are two
links from wikipedia that discuss the issue:

http://en.wikipedia.org/wiki/E-mail_spoofing
http://en.wikipedia.org/wiki/Backscatter#Backscatter_of_email_spam

Read these links to get some third party opinions on what is going on (you can also put something like
"spammer using my domain" into most search engines and pull up lots of other examples):

Another search term to use is "joe job" - this is the anti-spam industry term for this type of forgery.

See :

http://catb.org/~esr/jargon/html/J/joe-job.html

In all cases, you'll find the that the advice is basically "tell your host, but only so they know it is
not you sending the stuff. To get a real solution, track down the spammer (nearly impossible at times) or
just wait it out (the spammers usually move on to the next domain in their list to fake mail from)"