RE: Protection against fake mails



You can also look at such technologies as SenderID which is supposed to help
guard against spoofing trusted domain names

-----Original Message-----
From: securityfocus2@xxxxxxxxxxxxxxxx
[mailto:securityfocus2@xxxxxxxxxxxxxxxx] On Behalf Of Mark Owen
Sent: Wednesday, 09 April, 2008 12:22
To: WALI
Cc: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: Protection against fake mails


On Wed, Apr 9, 2008 at 12:37 PM, WALI <hkhasgiwale@xxxxxxxxx> wrote:
How do I guard against such emails originating from fake email
impersonations. Is there something I can do at our email gateway,
proxy or exchange sever (2003) levels?


Basic protection is to only allow e-mail originating from your domain name
to be allowed from a specific set of trusted mail servers. This will
protect you internally from fake e-mails spoofing your domain but will not
block other spoofed domains. Spoofed e-mails from other domains may be
blocked by relying on reverse DNS lookup and comparing the resultant domain
with that of the one specified in the e-mail, but this will also block
misconfigured servers and some sites on shared hosting. Long answer short,
if you don't want to miss any e-mails then theres really not much you can
do.

What you can do to prove that your domain is not spoofed is to enable
DomainKeys[1] on your server. If everyone did this then blocking fake
e-mails would be possible.

Hope this helps.



[1] http://en.wikipedia.org/wiki/DomainKeys




--
Mark Owen



Relevant Pages

  • Re: Groundhog Day?
    ... > receive and delete these e-mails, the same ones keep showing up. ... protection, and it will interfere with sending and receiving email by ... Error 0x800ccc0d or 0x800ccc0f When Receiving and Sending E-Mail ... (talks about Norton AntiVirus but applies to McAfee and others, ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • RE: Protection against fake mails
    ... It is not a foolproof solution but it is another rock we can throw ... Subject: Protection against fake mails ... name to be allowed from a specific set of trusted mail servers. ... Spoofed e-mails from other ...
    (Security-Basics)
  • Re: Help needed please - e mailing text from Word
    ... Most e-mails that I receive are in HTML, ... It's bad policy to play loose and *rely* on your protection to keep you ... IMHO, Ray's suggestion is spot on, I always read my mail in plain ...
    (uk.people.silversurfers)
  • Re: Fake Nokia N95
    ... That the phone is a fake is apparently beyond doubt. ... It also appears it wasn't the first fake sold by this vendor. ... He also has only limited Paypal protection. ...
    (uk.people.consumers.ebay)
  • Its me whos sending out the spam -- but not deliberately.
    ... I have been annoyed by frequent spams to my e-mail ... e-mails, from genuine webmasters and MailerDaemons, saying that the message ... sent from fake addresses on my computer, ... computer of whatever virus is causing the problem. ...
    (microsoft.public.windowsxp.help_and_support)