Solved

How can I prevent invalid e-mails bearing my domain name?

Posted on 2008-11-03
6
266 Views
Last Modified: 2012-05-05
e-mails are currently going around, with an e-mail address that bears my domain name. How can I prevent this? I have checked and there is no such e-mail address on my exchange server 2003. I have a sonicwall firewall NSA 3500.
0
Comment
Question by:bobox00
6 Comments
 
LVL 28

Assisted Solution

by:chilternPC
chilternPC earned 100 total points
ID: 22868399
someone has hijacked your email name - its very easy to set up an email with a fake (or someone elses) email address as the return address, this enables spammers to flood the market and the return addresses get the flak
to stop emails being recieved for unknown users:
on your exchange you can configure the catch all email to simply reject unknown email addresses.
0
 
LVL 97

Accepted Solution

by:
war1 earned 200 total points
ID: 22868458
Hello bobox00,

Make sure your computer is not an open relay
http://www.postcastserver.com/help/Blocking_Open_Relays.aspx
and
http://support.microsoft.com/kb/324059

If you have control of the server, you can Integrate SPF and DomainKeys, which would help to stop spoofing in the future:

SPF:
http://www.openspf.org/

DomainKeys:
http://domainkeys.sourceforge.net/

Hope this helps!
war1
0
 

Author Comment

by:bobox00
ID: 22869052
Will a security certificate help prevent people from using my domain name to send e-mails illegitimately?
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 27

Assisted Solution

by:Tolomir
Tolomir earned 100 total points
ID: 22870710
Well the problem with emails is everyone can run a mailer sending spam with any email address.

All you can make sure, as war1 points out is that receiving email servers drop all emails with your sitename that is not SPF signed: http://www.openspf.org/FAQ/What_is_SPF

Still any mailer not using SPF will receive your emails and send them to the associated receivers.

Of cause antispam measures can be still intact.

Tolomir
0
 
LVL 1

Assisted Solution

by:maximaal
maximaal earned 100 total points
ID: 22894750
We had the same problem.
We installed GFI Mailessentials and followed:
http://forums.gfi.com/Spoofed_SPAM_from_MIME_FROM_addresses_that_SPF-FAIL/m_900759763/tm.htm

problem solved.
0
 

Author Closing Comment

by:bobox00
ID: 31512751
Thanks guys.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
The purpose of this video is to demonstrate how to set up a Mailchimp campaign. This will include styling and adding elements to a newsletter/email. This will be demonstrated using a Windows 8 PC. Mailchimp will be used. Log into your Mailchim…
The purpose of this video is to demonstrate how to set up Lists in Mailchimp. This will be demonstrated using a Windows 8 PC. Mailchimp will be used. Log into your Mailchimp account. : Click on Lists. Click on Create List Button : Choose the desi…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now