How to block emails that FROM doesn't belongs to server domain list

Sergio secmas at
Thu Aug 16 21:19:38 IST 2012

Thank all for your inputs.

What happens is this:
My server is not Open Relayed and it has SPF and DOMAINKEYS in it and that
is working great. The problem is when a hacker has obtained the password
from an account, so, it can send emails authenticating with the account
that has been compromised. When a hacker has access to an account (I am
almost sure that any one on the list has seen this), he sends emails but
the FROM is changed to something that is not a domain on the server, that
is what I am looking to stop.

Maybe a rule that could check that the FROM is not the same as the
authenticated domain.

Could this be done?

Best Regards,

-------------- next part --------------
An HTML attachment was scrubbed...

More information about the MailScanner mailing list