Spam/Spoofed Email <fakeuser@ourdomain.com>

We have had an issue with Spoofed emails for some time now.

For instance we will recieve an email from <xff@OurDomain.com>

How can we prevent fake emails that have our domain on the address from being sent? We run a single Exchange 2003 server with Symantec 10.0
Drakin030Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

robjeevesCommented:
It's tricky because anyone can can send an email and say it is from anyone.

Something in its early stages is SPF - You can have a read here http://www.openspf.org/
Basically you add a DNS entry that says what IP/s can send email from your domain.  For this to work a 3rd partys mail server needs to actually perform an SPF check to see if the email from your domain really did originate from one of the specified IPs.  Its early days for SPF so not full proof by any stretch.

Worth taking a look at the link though for a bit of reading

Rob
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SembeeCommented:
See my response and others in this question earlier today.
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q__22490265.html

Basically there is close to nothing you can do as long as the messages are not originating from your domain.

Simon.
0
robjeevesCommented:
The analogy I use is;

There is nothing to stop someone putting a post card in the postbox and saying its from santa clause.  It will still get delivered.

Rob

0
Drakin030Author Commented:
Hmm...Well I guess theres not alot I can do then. It stinks cause when they are sent alot of the times its sent to the address for all users. For instance "CentralOffice@<mydomain>.com

So everyone would get it. Argh, oh well.

So what should I do about the points thing...
0
SembeeCommented:
If you have an address that all users email, and no one from outside needs to email it, then change the SMTP address, put the address that is being abused in to a black hole and restrict the new group to internal people only.

Simon.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Server Hardware

From novice to tech pro — start learning today.