Blocking spoofed emails from own domain
Posted on 2006-05-12
We are running Exchange 2003 SP2 on Windows 2000 Servers. One front end, one backend. We also have a mail gateway (where our MX record points to) that is responsible for anti-virus/anti-spam running Trend Micro IMSS Our domain is domain1.co.uk.
Occasionally, we occasionally get spoofed emails from our own domain, e.g. mails from firstname.lastname@example.org, being sent to users. The strange thing is that there is no 'to' recipient on these emails, that field is blank, but it still gets delivered to the odd user. I traced the source IP address of these mails, and they are originating elsewhere.
My question is, is there an option in Exchange to block incoming external mail where my domain is the sender? And does anyone know why emails with no 'to' field as being delivered?