Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Blocking spoofed email from entering mailserver 1

Status
Not open for further replies.

RNW2

Technical User
Feb 10, 2009
70
GB
Hello all,

What are your thoughts on this? We have recently added a new email domain to our server for a company that has joined our group. The MD of this company gets lots of spam addressed to him from his own email address. The spam is fairly innocuous so doesn't get blocked on content at either the gateway (Watchguard) or by Sophos PureMessage. Checking the logs on the Ex2k7 server the IP addresses that the spam comes from is virtually always different so blocking by IP is a no go.

I figure there must be a way to say to our exchange server if an email is received from the internet with one of our domain names as the sender address then block it.

Seems simple enough logic to me but I'd appreciate any thoughts.

We're running a single Exchange server. No Edge Transport.

Cheers

R
 
See if your Sophos PureMessage or Watchguard have an option to check if the message has an internal From: address. We use XWall as our spam filter and block messages from the Internet that have an internal From: address.

Hope this helps.

Please help us help you. Read Tek-Tips posting polices before posting.
Canadian members check out Tek-Tips in Canada for socializing, networking, and anything non-technical.
 
Thanks guys.

We've not got that option on the Watchguard or within Pure Message but at least it's good to know there are filters that do it.

Pat, thanks for that article. Exactly what I needed.

R
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top