Symptoms
- Emails arriving from addresses like admin@yourdomain.com or info@yourdomain.com that you never created
- Bounce-back messages for emails you didn't send
- Replies from people claiming you emailed them—when you didn’t
Cause
This is typically caused by email spoofing, not by a hack or unauthorized use of your domain’s email services.
What Is Email Spoofing?
Email spoofing is when someone forges the “From” address in an email to make it appear as if it came from your domain. These emails are not being sent from your actual domain infrastructure—they’re impersonating it.
Spoofing is common and affects domains of all sizes, including major companies like Google and PayPal.
Other Possible Causes
- Your domain has a catch-all email address (e.g., anything@yourdomain.com goes to your inbox)
- Email forwarding rules from past domain owners or misconfigured settings
- You’re using an email service that accepts wildcard aliases by default
Resolution Steps
✅ Step 1: Add SPF, DKIM, and DMARC Records
These are DNS records that help protect your domain against spoofing and improve your email deliverability.
- SPF (Sender Policy Framework): Lists which mail servers are authorized to send on your domain’s behalf
- DKIM (DomainKeys Identified Mail): Adds a secure signature to outgoing mail
- DMARC (Domain-based Message Authentication, Reporting & Conformance): Tells receiving servers what to do with suspicious messages
✅ Step 2: Disable Catch-All Email (If Enabled)
If your domain accepts messages to all possible @yourdomain.com addresses, we recommend disabling this feature unless necessary. This reduces spam and unwanted messages.
✅ Step 3: Check Forwarding Rules
Check your email host or domain control panel for any automatic forwarding settings that may be sending mail to your inbox from unknown addresses.
✅ Step 4: Inspect Email Headers
To confirm whether a suspicious email actually came from your domain or is spoofed:
- Open the full email headers (usually via “Show Original” or “View Source”)
- Look for authentication results:
  - SPF: pass/fail
  - DKIM: pass/fail
  - DMARC: pass/fail
- Also check the IP address and sending domain
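The header check in Step 4 can be scripted. The following is an added example, not part of the original article: the sample message is constructed, and the names `inspect_headers` and `domain_of` are hypothetical.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not real mail). 203.0.113.45 is a documentation
# address; bulk.example and mx.receiver.example are placeholder hosts.
SPOOFED = """\
Authentication-Results: mx.receiver.example;
 spf=fail (sender IP is 203.0.113.45) smtp.mailfrom=bulk.example;
 dkim=none (message not signed);
 dmarc=fail (p=NONE) header.from=yourdomain.com
Received: from mail.bulk.example (mail.bulk.example [203.0.113.45])
 by mx.receiver.example; Tue, 02 Jan 2024 10:00:00 +0000
Return-Path: <bounce@bulk.example>
From: Admin <admin@yourdomain.com>
Subject: Invoice

body
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header value."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def inspect_headers(raw):
    msg = message_from_string(raw)
    results = {"spf": "missing", "dkim": "missing", "dmarc": "missing"}
    # Read only the topmost Authentication-Results header: your own receiving
    # server adds it last, and copies further down can be forged by the sender.
    auth = re.sub(r"\([^)]*\)", "", msg.get("Authentication-Results", ""))
    for method, verdict in re.findall(r"\b(spf|dkim|dmarc)\s*=\s*(\w+)", auth, re.I):
        if results[method.lower()] != "pass":  # one passing signature is enough
            results[method.lower()] = verdict.lower()
    # The topmost Received header records the host that handed the mail over.
    ip = re.search(r"\[([0-9A-Fa-f:.]+)\]", msg.get("Received", ""))
    verdict = {"pass": "authenticated", "fail": "likely spoofed"}.get(
        results["dmarc"], "inconclusive")
    return {**results,
            "from_domain": domain_of(msg.get("From")),
            "envelope_domain": domain_of(msg.get("Return-Path")),
            "sending_ip": ip.group(1) if ip else None,
            "verdict": verdict}

if __name__ == "__main__":
    for key, value in inspect_headers(SPOOFED).items():
        print(f"{key:16} {value}")
```

A "From" domain of yourdomain.com combined with a different envelope domain, a sending IP you don't recognize, and failed results is the spoofing pattern this article describes.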
FAQ
Q: Has my domain been hacked?
A: No. In nearly all cases, spoofed emails are not sent from your infrastructure.
Q: Can I stop spoofing completely?
A: While you can’t stop others from spoofing your domain entirely, publishing SPF, DKIM, and DMARC records makes it much harder for them to succeed—and ensures receiving servers reject unauthenticated mail.
Q: Can I block spoofed emails from reaching me?
A: Yes. Email providers like Gmail, Outlook, and others will respect proper DNS records and can filter spoofed messages automatically once you publish them.