When it comes to email spoofing. You can’t fix what you don’t know is happening.
Plainly put – spoofing is the very uncool act of sending email using someone else’s email address (as the “from” address). This so that the receiver of the message thinks that the message is legit, to “sell” the receiver the lie it’s coming from someone other than them. People are naturally more likely to read email if they think the sender is above-board.
Enter DMARC – a work in progress email authentication and reporting standard.
DMARC is a way to make it easier for email senders and receivers to determine whether or not a given message is legitimately from the sender, and what to do if it isn’t. This makes it easier to identify spam and phishing messages, and keep them out of inboxes.
Never mind the work in progress, DMARC is used by all the big players. Given Gmail, Office 365, and other email providers dominate email traffic, informed consensus says DMARC really is non-negotiable today.
How else can you get reporting on all messages that claim to come from your domain? Only from email providers/email systems who’ve implemented the DMARC standard. You’ll get reports on how many illegitimate messages are using your domain, and where the emails are coming from.
Find out if your email address is backed by best practice email security and authentication measures: https://dmarcian.com/dmarc-inspector/
Learn more about DMARC at https://dmarc.org