If you look at your incoming mails after you log in to your mail box with horror, for you see it is spammed by undeliverable messages or other messages from different postmasters or mailer-daemons, this guide is just for you. In these cases it means that the attacker or a harmful script has chosen your domain and is trying to spam your mailboxes or use your mailboxes to spam others. Often they use different false mailer or other tools.
First you need to check, if you do or don’t have the domain box enabled. You can check it in WebAdmin in the section E-mails > Domain box. If it is enabled, it means that any e-mail send to non-existing addresses e.g. asdf@mydomain.tld on your domain will be delivered the specified mailbox that is now spammed.
Unfortunately in this case domain box is more of a nuisance and is recommended to disable this feature. After that we should not receive any more spams.
To disable the domain box, go to the domain box settings and delete the destination address.
2. Other possibility is to tighten SPF rules in DNS TXT records of the domain. Most strict rules are with “-“, so we change these records on your domain:
v=spf1 a mx include:_spf.websupport.cz ?all
spf2.0/pra a mx include:_sid.websupport.cz ?all
to:
v=spf1 a mx include:_spf.websupport.cz -all
spf2.0/pra a mx include:_sid.websupport.cz -all
This setting prevents to send any messages from non-existent mailboxes on your domain defined by MX records. Editing the SPF records can be done in the WebAdmin interface in the section DNS>TXT.
3. In the case none of above-mentioned solutions help to eliminate the spam, you can set filters in the mailbox management. But for this option it is necessary to look up words, that appear in the spam messages often, like undeliverable message returned to sender and based on these words set the rule to delete the messages.