Over the last few months, I have seen my company's web site domain used as the originator of a lot of spam. I know this because I get the spam email bounced back, and checking the header information, I verify that my domain name is part of the email address. I know the spammers are not using my mail server as the relay point, but they are using my domain name as if it is coming from me (or "someone" at my company -- they always come up with clever names as if that person works for me).
So, if inbound e-mail server was simply checking that sending e-mail server's IP address matches the IP address that is published in the DNS record, then at least that kind of scam would be detected! Good news here is that for helping to add such check to inbound e-mail servers for inbound e-mail processing, Microsoft recently released beta version of their royalty-free â€œSender ID frameworkâ€ and is working with IETF for approving it as an Internet standard. Here is the link:
Check itâ€¦ use itâ€¦ help to stop these nasty spooffers/scammers/spammers!
I completely agree; the sooner the better!