Blocking spam set to your own domain

[SledFang]

I've noticed that I get a lot of spam with the to field set to my email's own domain (a domain I own). My hosting has a Cpanel account and all the email authentication features are switched on including DKIM and SPF.

So what I don't get is, why doesn't Thunderbird detect that this email is not authorized by my domain? If someone just creates an email that doesn't exist and sets the to: field to read spamysalesemail@mydomain.com then surely this should be blocked? Wouldn't Thunderbird just realize that this is not a genuine email address and reject it? I would have thought it would just query my server for that domain and realize it was fake?

How would I set this feature up?

I've also installed an Addon called Thundersec but it doesn't seem to have helped at all. All it does is marks the email as possible spam and I still have to clean it all up myself!

[tanstaafl]

I'm not aware of a email client that has those features. If the Thunderbird developers added those features I'd expect them to implement it as part of the junk mail controls. It hasn't been touched for many years. I don't know why its been neglected. However, when it was written it was very unusual for users to own their own domain.

You could write a message filter that tests whether "From" "Contains" "mydomain.com" and "From" "isn't in my address book" "personal address book" , with action "Set Junk Status to" "Junk" . Check "match all of the following" to make it AND the two rules. You could probably also implement that type of filtering using webmail. Most support configuring some sort of filtering that is automatically run when the mail server receives a new message, so it doesn't matter whether you are using webmail or a email client to get your mail.

My main email provider runs SpamAssassin on the server, and lets me configure a custom Sieve (a mail filtering language) script. That is even more powerful. I've modified the Sieve script to test for many types of spoofing. IMHO its much better to deal with spam server side than in the email client, if you can. I suggest you see if your provider offers similar functionality. SpamAssasin is pretty popular and many email providers support some easy way to tweak a few of its settings by ordinary users, such as how aggressive it should be.

I hadn't heard of Thundersec add-on before. It appears to mark a message as junk if it fails any of the security checks. Perhaps you need to experiment with adding some other DNS black lists.

http://kb.mozillazine.org/Junk_Mail_Controls

[SledFang]

I have got SpamAssassin. All it seemed to have was the required score fields which didn't seem to do much. I do use the Account Level filtering to add domains which I'm getting spam for.

I thought that the email authentication would work better for email addresses that don't exist on the server. I'll look into the "isn't in my address book" feature. Thanks for the information.