kesslerkare
asked on
Exchange letting spoofed emails through
I am running Exchange 2010 and we have a SPF record set including the exchange server's IP address. We are still getting spoofed incoming email and the header shows the following:
X-MS-Exchange-Organization -Antispam- Report: SenderOnRecipientSafeSende rsList
X-MS-Exchange-Organization -SCL: -1
Â
I have the SenderID enabled
Why does Exchange think this spoofed user is on the safe sender list when his originating IP does match our IP?
X-MS-Exchange-Organization
X-MS-Exchange-Organization
Â
I have the SenderID enabled
Why does Exchange think this spoofed user is on the safe sender list when his originating IP does match our IP?
Did u checked the safe sender list on Exchange?
ASKER
The safe sender list is empty. The other thing is that the spoofed email user is a local user email address, meaning the incoming email shows as coming from an internal user on the local domain. Do I need to enable the SenderId for Internal to catch this?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.