I am running Exchange 2010 and we have a SPF record set including the exchange server's IP address. We are still getting spoofed incoming email and the header shows the following:
Why does Exchange think this spoofed user is on the safe sender list when his originating IP does match our IP?
Email Servers
Last Comment
Systech Admin
8/22/2022 - Mon
Systech Admin
Did u checked the safe sender list on Exchange?
kesslerkare
ASKER
The safe sender list is empty. The other thing is that the spoofed email user is a local user email address, meaning the incoming email shows as coming from an internal user on the local domain. Do I need to enable the SenderId for Internal to catch this?