How are they doing it?
Anyone can spoof another's address by putting it in the 'from' header, either in a script or mailer app. Using a simple PHP script like this would work:

code:
mail($to, $subject, $message, 'From:throb@bumpoke.com');
And how do I stop them?
TBH, I don't think you can, they're probably not routing via your (host's) server.

bastard by name, bastard by nature
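To check the point made in the answer above against a real message (for example the headers quoted in a bounce), the Python example below, which is added here and is not part of the original thread, lists the relay hosts named in the Received headers and reports whether any of them is your own server and whether the From domain matches the envelope sender. The sample message is constructed, and every hostname in it apart from the thread's throb@bumpoke.com address is made up.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: headers of a spoofed message as they might be quoted in a bounce.
# Every hostname here is made up; only throb@bumpoke.com comes from the thread.
SAMPLE = """\
Return-Path: <www-data@shared-host.example>
Received: from shared-host.example (shared-host.example [203.0.113.7])
\tby mx.recipient.example with ESMTP id abc123;
\tMon, 01 Jan 2024 10:00:00 +0000
Received: by shared-host.example (Postfix, from userid 33)
\tid 4F2A1; Mon, 01 Jan 2024 09:59:58 +0000
From: throb@bumpoke.com
To: victim@recipient.example
Subject: hello

body
"""

COMMENT_RE = re.compile(r"\([^()]*\)")   # parenthesised comments, e.g. "(Postfix, from userid 33)"
HOP_RE = re.compile(r"\b(?:from|by)\s+([A-Za-z0-9.-]+)", re.I)

def relay_hosts(msg):
    """Hostnames in the from/by clauses of each Received header, newest hop first."""
    hosts = []
    for value in msg.get_all("Received", []):
        for host in HOP_RE.findall(COMMENT_RE.sub("", value)):
            host = host.lower().rstrip(".")
            if host not in hosts:
                hosts.append(host)
    return hosts

def analyse(raw, own_servers):
    """Compare the claimed From domain with the envelope sender and the relay path."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    env_domain = parseaddr(msg.get("Return-Path", ""))[1].rpartition("@")[2].lower()
    hosts = relay_hosts(msg)
    own = {s.lower() for s in own_servers}
    return {
        "from_domain": from_domain,
        "envelope_domain": env_domain,
        "relay_hosts": hosts,
        "via_own_server": any(h in own for h in hosts),
        "from_matches_envelope": bool(env_domain) and from_domain == env_domain,
    }
```

Call it as `analyse(raw_headers, ["mail.bumpoke.com"])`, where `mail.bumpoke.com` is an assumed name standing in for your own mail server. Received lines below the first hop added by a server you trust are supplied by the sender and can be forged, so treat only the topmost trusted hops as evidence.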