Hey.
Am 19.08.2014 17:51, schrieb JusticeRage:
The good news is, there is something you can do about it. This is exactly what Sender Policy Framework [1] was created for. Long story short, this is some information you can put in your DNS to indicate which machines are allowed to send e-mails for the domains, and which are not (hint: the exit node should not be listed in there).
You should consider adding a DMARC record as well (with the "reject" policy). This is a somewhat more recent standard that allows you to explicitly drop emails which do not have a DKIM signature for your domain and/or fail SPF checks. Most of the "big" email companies seem to respect DMARC now. See http://www.dmarc.org for details.
felix