Block email faking to be from our domain but coming from outside?

David Jones djones at
Fri Jun 8 11:20:20 UTC 2018

On 06/08/2018 04:35 AM, Remco Barendse wrote:
> See more and more messages incoming with fraud attempts. The mail is 
> constructed to look like from someone in our organization sent it and is 
> addressed to people within the organization.
> Is there any way to block email with a sender that pretends to be coming 
> from but coming from outside?
> I use Exchange and all real email is coming only from Exchange, never 
> from outside.
> What would be the right way to do it?
> Also, some companies sign incoming email messages with a one liner as 
> the very first line of an email like :
> How to do that ? I found that MailScanner can sign messages but only at 
> the bottom of an email?

This might be a better question for the SpamAssassin Users list but I 
can help anyway.  Please post an example with minimal redacting to and send us a link.  There are about a dozen or two things 
that that can be tuned in SpamAssassin but I have a feeling that you can 
use the Message-ID header to determine spoofed inbound messages.

David Jones

More information about the MailScanner mailing list