Unfortunately people can spoof your email domain and send out as much as they want and there’s not too much you can do about it. I’ve had this happen to me but luckily it was just Rolex spam and not a scam message.
So they spoof your domain, send out a bunch of crap and you’re stuck with the bounce messages returning to the legit domain.
I’m interested in a way around this as well if something has changed in the last year
I was told that even though there are a number of ways for webmasters and ISP’s to authenticate where an email has *really* come from, not everyone has those methods enabled or cares enough about it yet to make much of a difference.
There is no way to stop this from happening. Any one can send email as anyone else.
There are several methods for email authentication, but there is no standard system which everyone uses.
Odds are there is will be no way to prevent this any time soon.