I did check the email headers and could not find your original email address randy at
sermo.net anywhere except in the body of the message.
Anyways, the problem is that the person who is spoofing the email is most probably using roundcube (the webmail that my domain uses) as my domain
ccet.in is not an open relay and the only way I can think of spoofing it is using the Reply To field of roundcube.
Another reason that enforces the belief that my webmail running roundcube is being used is that my webhost has complained that my webmail is being used to send virus ridden emails (he has gone to such great lengths as to suspend my hosting, hopefully temporarily). Now the the recipient of these particulars is me, but I again could not figure out the actual sender from the headers which showed the sender as
administrator@mydomain.com, an email id which doesnt exist at my domain. And without knowing the actual email account used to send these mails, I cannot suspend that account.
So the only possible solution I could think of now is to disable the Reply To field from roundcube so that that person is unable to spoof the email (atleast using roundcube), and if he sends virus ridden emails again, his actual email id can be traced and then suspended.
Someone please come up with a solution as my webhost won't re enable my account until a find a solution to this problem.
On 4/5/06, Nipun Jain <jain.nipun@gmail.com> wrote:
I am facing a problem of email spoofing with my webmail (running on roundcube).
Now is this supposed to work this way? I mean setting the reply to field to any email address in roundcube enables one to spoof the sender's email id? Is there any way to disable the "Reply To" field in roundcube so that users are unable to send spoofed mails?