Recently my site https://exio.tech/ subdomain eth.exio.tech got spammed content (not relevant to my site and not added by me or my team; you can see with Google). I blocked the subdomain from Cloudflare. I just wanna know how it’s possible, and what can I do to be aware of things like this?
It’s difficult to tell on the sparse data you provide. Below is just my guess.
Apparently, there are no DNS records for eth.exio.tech, so an unregistered host with that internal name is sending mail from your domain. Anyone can do that kind of spoofing.
Your DMARC policy is ‘none’, with no reporting, so you get no insight or protection from having DMARC. I suggest you add a -rua tag, and start monitoring in order to move your policy to quarantine or reject soon.
It can also be helpful to set wildcard DNS records that clearly communicate that forged subdomains will not be sending email. The UK government has a good resource that can be adapted to provide such protection.
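As an added example (not code from any poster in this thread), the DMARC advice above can be checked with a small auditor that parses a DMARC TXT value and reports the gaps mentioned: a `none` policy, subdomains left under `none`, and no `rua` reporting address. The record strings and the report mailbox `dmarc-reports@example.com` are constructed placeholders, not the site's real records.

```python
def parse_dmarc(txt):
    """Split a DMARC TXT value ("tag=value; tag=value") into a dict."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip().lower()] = value.strip()
    return tags


def audit_dmarc(txt):
    """Return a list of findings for one DMARC record string."""
    tags = parse_dmarc(txt)
    if tags.get("v") != "DMARC1":
        return ["not a DMARC record (v=DMARC1 expected)"]
    findings = []
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        findings.append("missing or invalid p= tag")
    elif policy == "none":
        findings.append("p=none: receivers take no action on failing mail")
    # sp= sets the policy for subdomains; when absent they inherit p=.
    if tags.get("sp", policy).lower() == "none":
        findings.append("subdomains fall under policy 'none'")
    # rua= lists the addresses that receive aggregate reports.
    rua = [u.strip() for u in tags.get("rua", "").split(",") if u.strip()]
    if not rua:
        findings.append("no rua= tag: no aggregate reports will arrive")
    return findings


# Constructed sample records (placeholders, not taken from real DNS).
RECORD_UNMONITORED = "v=DMARC1; p=none"
RECORD_MONITORING = "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com"
RECORD_ENFORCED = ("v=DMARC1; p=quarantine; sp=reject; "
                   "rua=mailto:dmarc-reports@example.com")

if __name__ == "__main__":
    for record in (RECORD_UNMONITORED, RECORD_MONITORING, RECORD_ENFORCED):
        print(record)
        for finding in audit_dmarc(record) or ["no findings"]:
            print("  -", finding)
```

The three sample records follow the progression suggested in the reply: no insight at all, monitoring with reports, then an enforced policy that also covers subdomains.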