• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 400
  • Last Modified:

Spam/Spoofed Email <fakeuser@ourdomain.com>

We have had an issue with Spoofed emails for some time now.

For instance we will recieve an email from <xff@OurDomain.com>

How can we prevent fake emails that have our domain on the address from being sent? We run a single Exchange 2003 server with Symantec 10.0
0
Drakin030
Asked:
Drakin030
  • 2
  • 2
2 Solutions
 
robjeevesCommented:
It's tricky because anyone can can send an email and say it is from anyone.

Something in its early stages is SPF - You can have a read here http://www.openspf.org/
Basically you add a DNS entry that says what IP/s can send email from your domain.  For this to work a 3rd partys mail server needs to actually perform an SPF check to see if the email from your domain really did originate from one of the specified IPs.  Its early days for SPF so not full proof by any stretch.

Worth taking a look at the link though for a bit of reading

Rob
0
 
SembeeCommented:
See my response and others in this question earlier today.
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q__22490265.html

Basically there is close to nothing you can do as long as the messages are not originating from your domain.

Simon.
0
 
robjeevesCommented:
The analogy I use is;

There is nothing to stop someone putting a post card in the postbox and saying its from santa clause.  It will still get delivered.

Rob

0
 
Drakin030Author Commented:
Hmm...Well I guess theres not alot I can do then. It stinks cause when they are sent alot of the times its sent to the address for all users. For instance "CentralOffice@<mydomain>.com

So everyone would get it. Argh, oh well.

So what should I do about the points thing...
0
 
SembeeCommented:
If you have an address that all users email, and no one from outside needs to email it, then change the SMTP address, put the address that is being abused in to a black hole and restrict the new group to internal people only.

Simon.
0

Featured Post

Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now