Recently I'm having an issue with spoofed e-mail. Spoofed sender is nothing new, but in this case, they're sending the spoofed messages to our domain.
Example: user John@mydomain.com received a message "from" firstname.lastname@example.org advertising sexual enhancement products. Of course when you look at the header, the message actually came from some foreign e-mail server, with a spoofed "from" field =email@example.com
Here's my question - In this above situation, my own zimbra server accepted the message and delivered it to John. Isn't there any filter that I can use to realize that this message didn't actually originate from one of my "REAL" users? It was accepted without authentication for delivery within the same domain as the sender... Seems like there should be a way to block that!
I do not allow mail relay without authentication, and it would seem appropriate to find a way to also not allow mail from mydomain to mydomain without authentication or possibly without verifying the sending server's address or ???...
I realize that all mail to someone@mydomain is un-authenticated, (how else could they send to me?!) but seems like a fairly simple check = "was this message from mydomain? if it was from mydomain, do some sort of check to verify that it CAME from my domain...?
Any ideas anyone?