I have been tinkering with SPF records and the like in an attempt to slow down the spoofing of my domains.  So far, my results have proven futile.  I have two specific questions.

1. Some time ago I came across a post with a configuration change that was to have helped in this matter.  If I recall corrctly, Plesk's default configuration invited others to spoof away.  Anyone have any idea of what I am talking about?

2. I have been studying email headers - both incoming and outgoing - and have been surprised to see other domains on my server showing up in my headers.  For example, in an email sent to MYDOMAIN_A.COM I see
I then see the SPF record info from the second domain.

Why is that?  Other than being on the same server, these domains have no relationship at all.  (In fact, they belong to separate clients).  This seems to happen randomly, with all of the domains.  That is, there is no consistency in which domain "b" will show up in the header.

Any thoughts?  Other suggestions for handling spoofing?

Thanks,
Robert Reed

I am out of my office at the moment, but when I return I will open a ticket and send you the information.

I would also be curious to know some of those things "that can be added to combat against domain spoofing more effectively".

Thanks for your response and your assistance.

Thanks,

I will continue to investigate.

In the meantime, I opened ticket #718600

Robert Reed