We help IT Professionals succeed at work.
Get Started
Exchange 2013 Stop Spoof Emails from Internal addresses
New migration from Exchange 2010 to Exchange 2013 latest patch.
Symantec Mail Security for Exchange (latest version).
Internal users receiving small amounts of phishing emails from spoofed domain email address.
e.g. user1@microsoft.co.uk recieves email from user2@microsoft.com claiming to be internal user.
If you click reply then the reply address is obviously a different email domain account (malicious user).
This is a single installation of Exchange, internet facing.
In an earlier post Simon Butler suggested that this installation is "fine"....and also quotes...
"Sender ID etc is no good unless you have your own domain setup correctly.
You need to put in SPF records in to the DNS. If your internal DNS domain name matches your external then you will also need SPF records on your internal DNS. "
Please can anyone explain this further?
Is there anywhere written that explains exactly how to stop this behavior in Exchange 2013?
Also I noticed that in my Exchange Admin Centre, under "protection" section I cannot see "antispam" feature installed, only "MALWARE feature".
In Exchange 2010 Antispam settings were setup correctly, but I cant find them in Exchange 2013.
I should note that these phishing emails are going into Outlook client "junk" folder, but still I would like to be more protected.
Symantec Mail Security for Exchange (latest version).
Internal users receiving small amounts of phishing emails from spoofed domain email address.
e.g. user1@microsoft.co.uk recieves email from user2@microsoft.com claiming to be internal user.
If you click reply then the reply address is obviously a different email domain account (malicious user).
This is a single installation of Exchange, internet facing.
In an earlier post Simon Butler suggested that this installation is "fine"....and also quotes...
"Sender ID etc is no good unless you have your own domain setup correctly.
You need to put in SPF records in to the DNS. If your internal DNS domain name matches your external then you will also need SPF records on your internal DNS. "
Please can anyone explain this further?
Is there anywhere written that explains exactly how to stop this behavior in Exchange 2013?
Also I noticed that in my Exchange Admin Centre, under "protection" section I cannot see "antispam" feature installed, only "MALWARE feature".
In Exchange 2010 Antispam settings were setup correctly, but I cant find them in Exchange 2013.
I should note that these phishing emails are going into Outlook client "junk" folder, but still I would like to be more protected.
Why Experts Exchange?
Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.
Jim Murphy
Programmer at Smart IT Solutions
When asked, what has been your best career decision?
Deciding to stick with EE.
Mohamed Asif
Technical Department Head
Being involved with EE helped me to grow personally and professionally.
Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question
Connect with Certified Experts to gain insight and support on specific technology challenges including:
- Troubleshooting
- Research
- Professional Opinions
Did You Know?
We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE