Managing Active Directory does not always have to be complicated. If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why
Exchange 2013 Stop Spoof Emails from Internal addresses
New migration from Exchange 2010 to Exchange 2013 latest patch.
Symantec Mail Security for Exchange (latest version).
Internal users receiving small amounts of phishing emails from spoofed domain email address.
e.g. user1@microsoft.co.uk recieves email from user2@microsoft.com claiming to be internal user.
If you click reply then the reply address is obviously a different email domain account (malicious user).
This is a single installation of Exchange, internet facing.
In an earlier post Simon Butler suggested that this installation is "fine"....and also quotes...
"Sender ID etc is no good unless you have your own domain setup correctly.
You need to put in SPF records in to the DNS. If your internal DNS domain name matches your external then you will also need SPF records on your internal DNS. "
Please can anyone explain this further?
Is there anywhere written that explains exactly how to stop this behavior in Exchange 2013?
Also I noticed that in my Exchange Admin Centre, under "protection" section I cannot see "antispam" feature installed, only "MALWARE feature".
In Exchange 2010 Antispam settings were setup correctly, but I cant find them in Exchange 2013.
I should note that these phishing emails are going into Outlook client "junk" folder, but still I would like to be more protected.
Symantec Mail Security for Exchange (latest version).
Internal users receiving small amounts of phishing emails from spoofed domain email address.
e.g. user1@microsoft.co.uk recieves email from user2@microsoft.com claiming to be internal user.
If you click reply then the reply address is obviously a different email domain account (malicious user).
This is a single installation of Exchange, internet facing.
In an earlier post Simon Butler suggested that this installation is "fine"....and also quotes...
"Sender ID etc is no good unless you have your own domain setup correctly.
You need to put in SPF records in to the DNS. If your internal DNS domain name matches your external then you will also need SPF records on your internal DNS. "
Please can anyone explain this further?
Is there anywhere written that explains exactly how to stop this behavior in Exchange 2013?
Also I noticed that in my Exchange Admin Centre, under "protection" section I cannot see "antispam" feature installed, only "MALWARE feature".
In Exchange 2010 Antispam settings were setup correctly, but I cant find them in Exchange 2013.
I should note that these phishing emails are going into Outlook client "junk" folder, but still I would like to be more protected.
Asked:
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
woo, thanks.
I will have a read through that lot!
Built in 2013 Antispam? I cannot find it in my installation.
I will have a read through that lot!
Built in 2013 Antispam? I cannot find it in my installation.
Microsoft Exchange Server 2013 customers are automatically provided with anti-spam and anti-malware protection to get in detailed please check this: https://technet.microsoft.com/en-us/library/jj150481%28v=exchg.150%29.aspx
Hi Vincent,
Many thanks for your advice.
Could you explain the " block your own domain with sender filtering:" bit?
That's a bit confusing.
Many thanks for your advice.
Could you explain the " block your own domain with sender filtering:" bit?
That's a bit confusing.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange
From novice to tech pro — start learning today.
-
Business CommunicationCertification: PMI RMP Project Management Institute Risk Management… 113 lessons
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with premium.
Start your 7-day free trial.
If you are using the builtin 2013 antispam then block your own domain with sender filtering: https://technet.microsoft.com/en-us/library/bb124087%28v=exchg.150%29.aspx?f=255&MSPPError=-2147217396
You may also take help from below given earlier discussed thread -
Preventing Email Spoofing on Exchange Server 07,10 & 13: https://social.technet.microsoft.com/Forums/en-US/58c243da-5f77-4909-bc72-9fba82041c17/preventing-email-spoofing-on-exchange-server-0710-13?forum=exchangesvrsecuremessaging
Internal user sending phishing/spoofed email: https://social.technet.microsoft.com/Forums/en-US/79ed7409-3a60-4c48-9e32-6fe4dc51bf96/internal-user-sending-phishingspoofed-email?forum=exchangesvradmin
Hope it helps you!