Ok, so I have a client/domain that is getting spoofed emails looking like they are coming from their email address. They get a lot of these a day. They get passed because it is a trusted sender in their contacts (themselves). Is there a way to put a stop to this. I believe there should be a way but am stuck on this one. We do not manage their DNS and I have asked them to set up DKIM but in the meantime trying to figure out a way to get this to stop. Below is the headers of one of the emails. Notice the From has my users email address. This is spoofing obviously. She also has her email address on the contact list, why would this still get through when it is obviously not from herself. Thanks.
Received: from smpx.starlliance.net (smpx.starlliance.net [188.8.131.52]) by mail.centricweb.net with SMTP;
Tue, 9 Jan 2018 01:56:55 -0600
From: "=?UTF-8?Q?=42=69=6c=6c=69=6e=67_=43=6f=6e=66=69=72=6d=61=74=69=6f=6e?=" <firstname.lastname@example.org>
Content-Type: text/html; charset=UTF-8
Date: Tue, 9 Jan 2018 02:57:35 -0500
X-SmarterMail-Spam: Bayesian Filtering, Commtouch 40 [value: Confirmed], ISpamAssassin 0 [raw: 0], SPF_Pass, DK_None, DKIM_None, SORBS 06 - RECENT
X-SmarterMail-TotalSpamWeight: 0 (Trusted Sender - Contact)