Block email faking to be from our domain but coming from outside?
mailscanner at replies.cyways.com
Fri Jun 8 15:48:26 UTC 2018
I find these problems more easily resolved at the SMTP level. I use
sendmail and its access.db mechanism for this task. My /etc/mail/access
file permits mail from localhost and specific local networks, then has a
generic REJECT rule for any other mail with From's spoofing my domain.
Something like this:
You could replace 10.10.10. with the Exchange server's IP.
I also manage a postfix server where we use a different method. In main.cf
smtpd_sender_restrictions = reject_unknown_sender_domain,
and the sender_access file contains
# no mail from outsiders claiming to be us
See "man access" and http://www.postfix.org/SMTPD_ACCESS_README.html.
On 06/08/2018 05:35 AM, Remco Barendse wrote:
> See more and more messages incoming with fraud attempts. The mail is
> constructed to look like from someone in our organization sent it and is
> addressed to people within the organization.
> Is there any way to block email with a sender that pretends to be coming
> from @myowndomain.com but coming from outside?
> I use Exchange and all real email is coming only from Exchange, never from
> What would be the right way to do it?
More information about the MailScanner