We have noticed that somebody has created an email id using our domain name and has been sending many spam messages. Recently we have received emails showing some strange name with our domain. Eg. [emailprotected]
We have no idea how this could be happening. Does anyone have any idea on this or what we could do do prevent this? Thanks.This is a very common spoofing technique used by spammers. No, there is nothing you can do to prevent this. This is a weakness of the email protocol (SMTP). It requires a line such as "From: [emailprotected]" to be ADDED to the email. This can be rewritten by the user as the user wishes. In fact you can do this yourself quite easily in OUTLOOK or most other email programs. In the email account settings, just change the contents of the FIELD "Email address".

Spam detection ALWAYS has to be on the basis of the contents of the email, including the hidden lines (such as "From: ...") added by email programs and servers. There is literally nothing you can do to prevent someone from sending spam purportedly coming from your domain. Sender Policy Framework provides a partial solution, but it is not in widespread use, nor is it perfect, because it does not suit all use case scenarios.

Sorry!

Note: I have simplified the issue somewhat. There are preventative measures that can be taken by ISPs (such as reverse DNS lookups, RBLs, etc.) but very little that an end user can do.

Further reading:

http://ask-leo.com/someones_sending_from_my_email_address_how_do_i_stop_them.html
http://frankdzedzy.com/2005/12/13/email-address-spoofing/
http://www.mailsbroadcast.com/email.broadcast.faq/46.email.spoofing.htm
http://www.windowsecurity.com/articles/Email-Spoofing.html
Thanks for your reply Rob. It does simplify and explain this topic better. We will LOOK into the links and suggestions u have given and then update here with the results or whatever happens.Ok. Good luck!