troubleshooting Question

Exchange 2010 - Spoofing of Internal Email Address Inbound (Accepted Domains)

Avatar of Ivan Keleher
Ivan KeleherFlag for Australia asked on
ExchangeEmail ServersAntiSpamVulnerabilitiesMicrosoft Server OS
11 Comments5 Solutions245 ViewsLast Modified:
I have been battling with trying to mitigate inbound phishing emails to our staff. The email FROM header address is that of valid staff to other staff requesting information with a REPLY-TO the fraudster.

I have previously stopped these by enabling SENDER ID rejections on the Exchange 2010 Edge servers.

Unfortunately this prevents valid emails coming in from the internet where organisations neglect to add their SMTP servers to SPF records.

Is there a way to specifically block these emails for our Accepted Domains? Our own SPF records cover all SMTP servers internally and EDM.


Thank you.
SOLUTION
Ivan
System Engineer

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 5 Answers and 11 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 5 Answers and 11 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros