I've found this article before and implemented it for domains that we own, but do not use for e-mail purposes. https://www.gov.uk/guidance/protect-domains-that-dont-send-email Might be worth checking it out. Cheers, Rafael ----- Original message ----- From: Konrad Zemek <konrad@zemek.io> To: nanog@nanog.org Subject: About emails impersonating Path Network Date: Monday, February 06, 2023 12:25 Hi Nanog, It looks like someone with an axe to grind against our company has decided to email every AS contact they could find on PeeringDB, impersonating us and sometimes spoofing our domains. We're aware of the emails and are sorry for the inconvenience. We've since added SPF records to the domains we own but don't use (the perps have since name-squatted some new ones). We're also actively working with law enforcement on the matter. Thanks Konrad Zemek CTO Path Network AS396998