Originally posted by phoenixisp Any way to stop it?
I have not had much experience with problems like this, but when I have I have a) put the domain someone was trying to spoof from in Qmail's badmailfrom folder, or
b) Just blocked their access to my mailserver outright at the router.
Other than blocking the users IP, there's not really any valid way of stopping this except dissallowing from particular domains that I know of (If you use qmail, qmail.org has a good list of programs). MTA's are NOT very strict when it comes to "from" headers, because they need to accept mail from a large range of users and domains.