Recently I've been having an issue with spoofed e-mail. A spoofed sender is nothing new, but in this case, they're sending the spoofed messages to our domain.
Example: user John@mydomain.com received a message "from" jane@mydomain.com advertising sexual enhancement products. Of course, when you look at the header, the message actually came from some foreign e-mail server, with a spoofed "from" field = jane@mydomain.com.
Here's my question: in the above situation, my own Zimbra server accepted the message and delivered it to John. Isn't there any filter that I can use to realize that this message didn't actually originate from one of my "REAL" users? It was accepted without authentication for delivery within the same domain as the sender... Seems like there should be a way to block that!
I do not allow mail relay without authentication, and it would seem appropriate to find a way to also not allow mail from mydomain to mydomain without authentication or possibly without verifying the sending server's address or ???...
I realize that all mail to someone@mydomain is unauthenticated (how else could they send to me?!), but it seems like a fairly simple check: "Was this message from mydomain? If it was from mydomain, do some sort of check to verify that it CAME from my domain..."?
Any ideas anyone?
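
The check the post asks for, sketched as an added example (not part of the original post and not Zimbra's own code): a message that claims a local sender is accepted only from an authenticated session or a trusted network. `TRUSTED_NETS`, the function names and the sample message are assumptions constructed for illustration.

```python
import ipaddress
from email import message_from_string
from email.utils import getaddresses

LOCAL_DOMAINS = {"mydomain.com"}                       # domain named in the post
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]  # assumed: our own mail hosts

# Constructed sample: the spoofed advert described in the post.
SPOOFED = (
    'From: "Jane" <Jane@MyDomain.com>\n'
    "To: John@mydomain.com\n"
    "Subject: special offer\n"
    "\n"
    "body\n"
)

def sender_domains(raw_message, envelope_from):
    """Lower-cased domains of the envelope sender and every From: address."""
    msg = message_from_string(raw_message)
    header_addrs = [addr for _, addr in getaddresses(msg.get_all("From", []))]
    domains = set()
    for addr in [envelope_from] + header_addrs:
        if "@" in addr:  # skips the null envelope sender "" used by bounces
            domains.add(addr.rsplit("@", 1)[1].lower().rstrip("."))
    return domains

def verdict(raw_message, envelope_from, client_ip, authenticated):
    """Return 'accept' or 'reject' for one inbound SMTP transaction."""
    if not sender_domains(raw_message, envelope_from) & LOCAL_DOMAINS:
        return "accept"  # sender does not claim to be one of our users
    if authenticated:
        return "accept"  # a real user who logged in before sending
    ip = ipaddress.ip_address(client_ip)
    if any(ip in net for net in TRUSTED_NETS):
        return "accept"  # one of our own servers
    return "reject"      # claims our domain, but arrived from outside

if __name__ == "__main__":
    # Unauthenticated delivery from a foreign server, as in the post.
    print(verdict(SPOOFED, "bounce@example.net", "203.0.113.7", False))
```

Mail legitimately sent as mydomain.com from outside hosts (a hosted newsletter service, for example) would be rejected by this check unless its source addresses are added to `TRUSTED_NETS`.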




