Solved

Spam/Spoofed Email <fakeuser@ourdomain.com>

Posted on 2007-04-03
5
339 Views
Last Modified: 2010-04-19
We have had an issue with Spoofed emails for some time now.

For instance we will recieve an email from <xff@OurDomain.com>

How can we prevent fake emails that have our domain on the address from being sent? We run a single Exchange 2003 server with Symantec 10.0
0
Comment
Question by:Drakin030
  • 2
  • 2
5 Comments
 
LVL 9

Accepted Solution

by:
robjeeves earned 250 total points
ID: 18847310
It's tricky because anyone can can send an email and say it is from anyone.

Something in its early stages is SPF - You can have a read here http://www.openspf.org/
Basically you add a DNS entry that says what IP/s can send email from your domain.  For this to work a 3rd partys mail server needs to actually perform an SPF check to see if the email from your domain really did originate from one of the specified IPs.  Its early days for SPF so not full proof by any stretch.

Worth taking a look at the link though for a bit of reading

Rob
0
 
LVL 104

Expert Comment

by:Sembee
ID: 18847570
See my response and others in this question earlier today.
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q__22490265.html

Basically there is close to nothing you can do as long as the messages are not originating from your domain.

Simon.
0
 
LVL 9

Expert Comment

by:robjeeves
ID: 18847638
The analogy I use is;

There is nothing to stop someone putting a post card in the postbox and saying its from santa clause.  It will still get delivered.

Rob

0
 

Author Comment

by:Drakin030
ID: 18850523
Hmm...Well I guess theres not alot I can do then. It stinks cause when they are sent alot of the times its sent to the address for all users. For instance "CentralOffice@<mydomain>.com

So everyone would get it. Argh, oh well.

So what should I do about the points thing...
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 250 total points
ID: 18850928
If you have an address that all users email, and no one from outside needs to email it, then change the SMTP address, put the address that is being abused in to a black hole and restrict the new group to internal people only.

Simon.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now