Blocking spoofed email from entering mailserver 1

[RNW2]

Hello all,

What are your thoughts on this? We have recently added a new email domain to our server for a company that has joined our group. The MD of this company gets lots of spam addressed to him from his own email address. The spam is fairly innocuous so doesn't get blocked on content at either the gateway (Watchguard) or by Sophos PureMessage. Checking the logs on the Ex2k7 server the IP addresses that the spam comes from is virtually always different so blocking by IP is a no go.

I figure there must be a way to say to our exchange server if an email is received from the internet with one of our domain names as the sender address then block it.

Seems simple enough logic to me but I'd appreciate any thoughts.

We're running a single Exchange server. No Edge Transport.

Cheers

R

 

[cmeagan656]

See if your Sophos PureMessage or Watchguard have an option to check if the message has an internal From: address. We use XWall as our spam filter and block messages from the Internet that have an internal From: address.

Hope this helps.

Please help us help you. Read Tek-Tips posting polices before posting.
Canadian members check out Tek-Tips in Canada for socializing, networking, and anything non-technical.

 

[58sniper]

http://exchangepedia.com/2008/09/how-to-prevent-annoying-spam-from-your-own-domain.html

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.

http://www.ucblogs.net/blogs/exchange/

 

[RNW2]

Thanks guys.

We've not got that option on the Watchguard or within Pure Message but at least it's good to know there are filters that do it.

Pat, thanks for that article. Exactly what I needed.

R