RE: Protection against fake mails
- From: "Jens C. Laundrup" <laundrup@xxxxxxxxxxx>
- Date: Thu, 10 Apr 2008 10:14:23 -0700
You can also look at such technologies as SenderID which is supposed to help
guard against spoofing trusted domain names
[mailto:securityfocus2@xxxxxxxxxxxxxxxx] On Behalf Of Mark Owen
Sent: Wednesday, 09 April, 2008 12:22
Subject: Re: Protection against fake mails
On Wed, Apr 9, 2008 at 12:37 PM, WALI <hkhasgiwale@xxxxxxxxx> wrote:
How do I guard against such emails originating from fake email
impersonations. Is there something I can do at our email gateway,
proxy or exchange sever (2003) levels?
Basic protection is to only allow e-mail originating from your domain name
to be allowed from a specific set of trusted mail servers. This will
protect you internally from fake e-mails spoofing your domain but will not
block other spoofed domains. Spoofed e-mails from other domains may be
blocked by relying on reverse DNS lookup and comparing the resultant domain
with that of the one specified in the e-mail, but this will also block
misconfigured servers and some sites on shared hosting. Long answer short,
if you don't want to miss any e-mails then theres really not much you can
What you can do to prove that your domain is not spoofed is to enable
DomainKeys on your server. If everyone did this then blocking fake
e-mails would be possible.
Hope this helps.