You most likely see spam with the From
header set to your own email address because of at least one of these:
Setting a Strict SPF Record
If your domain is example.com
and you send emails from the IP address 1.2.3.4
, here is a strict SPF record you could put into your zone file that only allows
1.2.3.4
,
- the domain's
A
record, and
- what the domain's
MX
record resolves to
to send emails:
example.com. IN TXT "v=spf1 +a +mx +ip4:1.2.3.4 -all"
This record does not prevent spammers from using your email address in the From
header, but it does tell receiving servers that pay attention to SPF records to refuse to deliver emails not sent by 1.2.3.4
.
If you use a mail provider for your domain, you'll need to find out from them what SPF settings to use. For example, with Google Apps, you would need to follow these instructions.
Configuring an Email Server to Check SPF
There are various different MTAs and control panels for them. You'll need to consult the documentation of your MTA or its control panel (such as cPanel) to set up SPF checking.
As one example, Exim can be configured to check SPF records by following this guide.
Server-side spam filters tend to check SPF as well. For example, SpamAssassin can check SPF records, as you can see in the documentation here.