On 2016-09-06 at 17:04 +0200, Lucio Crusca wrote: > Hello, > > I receive several spam emails from forged email addresses and so do my > customers. Most of the forged addresses are from one of the hosted > domains to a real user of the same hosted domain ([email protected] and > the like). > > Is it possibile to block messages apparently coming from one of the > hosted domains that use a non existing address as sender?
What's the SPF policy of your policy and how is your server reacting to the SPF of the received emails? I have found that a proper SPF policy is generally enough to discard most of the spoofs. Currently, the SPF policy of sulweb.org is "v=spf1 a mx ?all", ie. when a random IP address sends an email with a return address on your domain, it gives a neutral result. I don't know about your user practices, but generally I recommend to use a fail instead (-all). Nowadays, the email shall be sent from its legitimate email server, other systems shouldn't send mails stating that you should receive their errors. However, those spoofed emails probably also spoof the return header to be from your domain. (Courier allows applying spf results to the from: header, but that's much more problematic. I don't recommend discarding based on that, as that would conflict with legitimate uses, like mailing lists) Moreover, in addition of easily getting rid of spoofers of your own domain (and also people spoofing one of your assigned email addresses, not only fabricated ones), you state your legitimate sending IPs (so other email administrators can happiliy discard *spoofs* of your domain) and are also able to discard other people's spoofs. Regards ------------------------------------------------------------------------------ _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
