Solved

Spam/Spoofed Email <fakeuser@ourdomain.com>

Posted on 2007-04-03
5
361 Views
Last Modified: 2010-04-19
We have had an issue with Spoofed emails for some time now.

For instance we will recieve an email from <xff@OurDomain.com>

How can we prevent fake emails that have our domain on the address from being sent? We run a single Exchange 2003 server with Symantec 10.0
0
Comment
Question by:Drakin030
  • 2
  • 2
5 Comments
 
LVL 9

Accepted Solution

by:
robjeeves earned 250 total points
ID: 18847310
It's tricky because anyone can can send an email and say it is from anyone.

Something in its early stages is SPF - You can have a read here http://www.openspf.org/
Basically you add a DNS entry that says what IP/s can send email from your domain.  For this to work a 3rd partys mail server needs to actually perform an SPF check to see if the email from your domain really did originate from one of the specified IPs.  Its early days for SPF so not full proof by any stretch.

Worth taking a look at the link though for a bit of reading

Rob
0
 
LVL 104

Expert Comment

by:Sembee
ID: 18847570
See my response and others in this question earlier today.
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q__22490265.html

Basically there is close to nothing you can do as long as the messages are not originating from your domain.

Simon.
0
 
LVL 9

Expert Comment

by:robjeeves
ID: 18847638
The analogy I use is;

There is nothing to stop someone putting a post card in the postbox and saying its from santa clause.  It will still get delivered.

Rob

0
 

Author Comment

by:Drakin030
ID: 18850523
Hmm...Well I guess theres not alot I can do then. It stinks cause when they are sent alot of the times its sent to the address for all users. For instance "CentralOffice@<mydomain>.com

So everyone would get it. Argh, oh well.

So what should I do about the points thing...
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 250 total points
ID: 18850928
If you have an address that all users email, and no one from outside needs to email it, then change the SMTP address, put the address that is being abused in to a black hole and restrict the new group to internal people only.

Simon.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question