How to enable/disable anti-spoofing protection for Namecheap Private Email and why we need it


1. What is email spoofing?
2. How do I know if my account is being spoofed?
3. How to enable/disable anti-spoofing protection for Namecheap Private Email?
4. Why do I need to disable anti-spoofing protection?



1. What is email spoofing?

Email spoofing
is a forging of email address to make it seem like the message has been sent from you to trick people into opening it.

NOTE: although your email address may have been spoofed, it does not mean that the spoofer has gained access to your account. The message actually originates from the spammer's email account and is sent from the spammer's mail server.



2. How do I know if my account is being spoofed?

1. You receive mailer-daemon error messages (bounce back emails) to your INBOX that do NOT match any messages you sent. The return address might not match your actual email address but uses your domain name. Usually, such messages go to Spam folder.

2. You get the replies to the messages from people who received email from you, however, you never sent these emails.

NOTE:
you won't see these messages in your Sent folder. That's the main difference between hacked and spoofed email accounts.

Since email spoofing is widely used by hackers to retrieve sensitive information from the recipient using an email address similar to your own, we added Anti-Spoofing protection feature for Private Email users that may be enabled/disabled in a few clicks. By default Anti-Spoofing protection is enabled for all Private email accounts.



3. How to enable/disable anti-spoofing protection for Namecheap Private Email?

1. Sign in to your Namecheap account.

2. Go to Private Email menu on your left, and then click Manage next to the needed subscription:



3. Look for Email Security section and checkmark the box option Anti-Spoof Filter to enable it:





4. Why do I need to disable anti-spoofing protection?

There are some cases when Anti-Spoofing protection may interrupt normal functioning of mail service.

For instance, you have two domains (domain.com and example.com) and each of them has an active Private email subscription. The first domain domain.com uses a third-party mail service and has the corresponding MX records for it. The other domain example.com still uses Private email MX records. When you send an email from user@domain.com to user@example.com, the Private email server checks if there is a sender domain name in its database.

You may receive the following error or bounce back email after sending the message out:

This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error.
The following address(es) failed:
user@example.com
SMTP error from remote mail server after RCPT TO: < user@example.com >:
host mx1.privateemail.com [198.187.29.233]: 553 5.7.1 < user@domain.com >:
Sender address rejected: not logged in

This means that the Private email server checks that the mail for domain.com is hosted on its server, so emails from this address cannot come from external SMTP server. This option is helpful if both sender and recipient have Private Email subscriptions. This is how our Anti-Spoofing protection works.

In order to avoid such error you need to disable Anti-Spoofing protection for the sender domain in Namecheap account - for this make sure Anti-Spoof Filter box is unchecked:






That's it!

              
                      Need any help? Contact our HelpDesk

Updated
Viewed
51577 times

Need help? We're always here for you.

notmyip