Spoofing, SPF
Spoofing is when someone sends an email with a modified "From" field to hide their identity or make it appear that another account is sending mail. A sign that your email is being spoofed is receiving spam return messages - failure to delivers or mailer-daemon bouncebacks for email that you never sent.
Although you cannot directly stop email spoofers, you are not penalized for having your email address spoofed by a spammer. Service providers use IP addresses to make blacklist and ban decisions.
Catchalls and SPF records
Catchalls are short term solutions. If you have Default Address enabled, you can set catchalls to ":fail: no such address here." This will stop bouncebacks.
An SPF record can fix  this problem on the long term.
SPF Record
You can verify whether or not your domain has an SPF record by checking with www.nwtools.com. Search for your domain name in the DNS Records search. If there is a TXT record with "v=spf1 ..." as the value, you have an SPF record.
Automatic SPF Record Creation
- In cPanel, navigate to the Mail section.
- Click "Email Authentication".
- Scroll down to the section titled "SPF".
- Select "Enable".
Manual SPF Record Creation
- In cPanel, navigate to the "Domains" section.
- Click "DNS Zone Editor".
- Pick the domain name you wish to create an SPF record for from the list.
- Underneath "Add A Record", enter the necessary information: Domain Name, TTL set to 14400, Type set to TXT, and create a special code for Address.
- Click "Add Record".
WHM SPF Record Creation
- In WHM, find "DNS Functions" on the left side panel.
- Select "Edit DNS Zone".
- Pick the domain name you wish to create the record for from the "Choose a Zone to Edit" list. Click "Edit".
- Find "Add New Entries Below This Line". Enter your domain name with a trailing period, like "yourdomain.com." Do not change the 14400 value, choose TXT from the Select dropdown menu, and create a special code in the "Text Information" box.
- Click "Save".
