Solved Spam from my own domain!

Ambarishrh

I have an old google apps account (free) and recently started receiving lot of emails from my own domain with any random [email protected]!

A sample email snap below. Just wondering how can i stop this, don't want to mark anything @ambarishrh.com as spam either.

One thing i guess is any emails sent to an invalid [email protected] is forwarded to me, but wondering where this is originating from?

Message raw details, if this helps
Delivered-To: [email protected]
Received: by 10.28.98.133 with SMTP id w127csp2027836wmb;
Tue, 10 May 2016 07:25:41 -0700 (PDT)
X-Received: by 10.55.80.131 with SMTP id e125mr43996035qkb.62.1462890341467;
Tue, 10 May 2016 07:25:41 -0700 (PDT)
Return-Path: [email protected]
Received: from gmail.mxhero.com (engine-facing-node-2.mxhero.net. [54.236.184.32])
by mx.google.com with ESMTPS id z203si1593273qka.44.2016.05.10.07.25.41
for [email protected]
(version=TLS1_1 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
Tue, 10 May 2016 07:25:41 -0700 (PDT)
Received-SPF: pass (google.com: domain of [email protected] designates 54.236.184.32 as permitted sender) client-ip=54.236.184.32;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of [email protected] designates 54.236.184.32 as permitted sender) [email protected]
Received: from engine-facing-node-2.mxhero.net (localhost [127.0.0.1])
by gmail.mxhero.com (Postfix) with ESMTP id 093CB4BCDD
for [email protected]; Tue, 10 May 2016 14:25:41 +0000 (UTC)
Received: from [159.20.99.63] (unknown [159.20.99.63])
by gmail.mxhero.com (Postfix) with ESMTP
for [email protected]; Tue, 10 May 2016 14:25:40 +0000 (UTC)
Message-ID: [email protected]
From: [email protected]
To: [email protected]
Subject: Cooperarion with a large firm
Date: 19 Jun 2016 20:32:11 +0200
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="---------4000310893793740"
X-Mailer: Vvcxrkl ippdajf 4.8
x-mxHero-Origin-Ip: 159.20.99.63
X-mxHero-Original-Subject: Cooperarion with a large firm
X-mxHero-Sender: [email protected]
X-mxHero-Recipient: [email protected]
X-mxHero-Output-Service: org.mxhero.plugin.smtpconnector.service.SMTPConnectorOutputService

This is a multi-part message in MIME format.
-----------4000310893793740
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

scottalanmiller

Andishe Sabz Khazar ADSL IP Block in Iran

Ambarishrh

You mean this sender?

scottalanmiller

Yeah, unless that was spoofed, that's where it came from.

Alex Sage

Turn on SPF
https://support.google.com/a/answer/178723?hl=en

Ambarishrh

I have this at the moment.

https://i.imgur.com/A4eIjZF.png

Shall i add v=spf1 include:_spf.google.com ~all as well?

momurda

v=spf1 include:_spf.google.com aspmx.googlemail.com -all

are you sending emails from a or other mx records on your domain? If not you dont need to include them. This should work ok for you
I also like hard fails, but others dont.