Block email faking to be from our domain but coming from outside?
djones at ena.com
Fri Jun 8 11:20:20 UTC 2018
On 06/08/2018 04:35 AM, Remco Barendse wrote:
> See more and more messages incoming with fraud attempts. The mail is
> constructed to look like from someone in our organization sent it and is
> addressed to people within the organization.
> Is there any way to block email with a sender that pretends to be coming
> from @myowndomain.com but coming from outside?
> I use Exchange and all real email is coming only from Exchange, never
> from outside.
> What would be the right way to do it?
> Also, some companies sign incoming email messages with a one liner as
> the very first line of an email like :
> "THIS EMAIL ORIGINATED FROM OUTSIDE OUR ORGANIZATION"
> How to do that ? I found that MailScanner can sign messages but only at
> the bottom of an email?
This might be a better question for the SpamAssassin Users list but I
can help anyway. Please post an example with minimal redacting to
pastebin.com and send us a link. There are about a dozen or two things
that that can be tuned in SpamAssassin but I have a feeling that you can
use the Message-ID header to determine spoofed inbound messages.
More information about the MailScanner