Block email faking to be from our domain but coming from outside?
mailscanner at barendse.to
Mon Jun 11 09:37:08 UTC 2018
Thanks for your comments and help :)
Tried the rules below but From:mydomain.com stops all inbound email with a
relaying denied message even though i have mydomain.com in the
I tried adding :
But then when i telnet to the mailserver it still says :
MAIL FROM: <support at mydomain.com>
250 2.1.0 <support at mydomain.com>... Sender ok
Also, now have a simple line with ip of the exchange server and RELAY
behind it, when i change that Connect:localip OK
it doesn't relay mail anymore.
I am missing something very obvious here?
On Fri, 8 Jun 2018, Peter Lemieux wrote:
> I find these problems more easily resolved at the SMTP level. I use sendmail
> and its access.db mechanism for this task. My /etc/mail/access file permits
> mail from localhost and specific local networks, then has a generic REJECT
> rule for any other mail with From's spoofing my domain. Something like this:
> Connect:127.0.0.1 RELAY
> Connect:10.10.10. RELAY
> From:mydomain.com REJECT
> . REJECT
> You could replace 10.10.10. with the Exchange server's IP.
> I also manage a postfix server where we use a different method. In main.cf
> we have
> smtpd_sender_restrictions = reject_unknown_sender_domain,
> check_sender_access pcre:/etc/postfix/sender_access
> and the sender_access file contains
> # no mail from outsiders claiming to be us
> /\.mydomain\.com$/ REJECT
> See "man access" and http://www.postfix.org/SMTPD_ACCESS_README.html.
> On 06/08/2018 05:35 AM, Remco Barendse wrote:
>> See more and more messages incoming with fraud attempts. The mail is
>> constructed to look like from someone in our organization sent it and is
>> addressed to people within the organization.
>> Is there any way to block email with a sender that pretends to be coming
>> from @myowndomain.com but coming from outside?
>> I use Exchange and all real email is coming only from Exchange, never from
>> What would be the right way to do it?
More information about the MailScanner