Home > FAQ > Email > Spam & Junk > Can I allow spoof for my domain's email?
Yes - but we DO NOT recommend this - as allowing spoof means accepting emails that are sent from an unauthorised party (spammers/hackers) using the identity of your email domain or user account.
This puts your users at higher risk of cyberattacks - imagine someone disguising as your colleague's email address and send you an email, attaching with a seemingly legitimate file attachment. Without any doubt, you download the attachment, only to find out that it contains virus - but it is too late as the virus has already started attacking your system.
Some users may want to allow spoof as they are using third-party SMTP IP (e.g. mass marketing tool/system) to send emails, where the incoming emails will be identified as spoof. For such cases, instead of allowing spoof, we suggest to configure SPF to include the third-party SMTP IP.
If you are aware of the risks, you can allow spoof by logging in to the VO portal as administrator (Avomaster/voadmin), go to Profile > Admin > SMTP settings, and select “Yes” for the “Allow spoof mail” option.