Avatar of Ivan Keleher
Ivan Keleher
Flag for Australia

asked on 

Exchange 2010 - Spoofing of Internal Email Address Inbound (Accepted Domains)

I have been battling with trying to mitigate inbound phishing emails to our staff. The email FROM header address is that of valid staff to other staff requesting information with a REPLY-TO the fraudster.

I have previously stopped these by enabling SENDER ID rejections on the Exchange 2010 Edge servers.

Unfortunately this prevents valid emails coming in from the internet where organisations neglect to add their SMTP servers to SPF records.

Is there a way to specifically block these emails for our Accepted Domains? Our own SPF records cover all SMTP servers internally and EDM.

Thank you.
ExchangeEmail ServersAntiSpamVulnerabilitiesMicrosoft Server OS

Avatar of undefined
Last Comment
Jian An Lim

8/22/2022 - Mon