Setting and SPF policy will do what you want. If you set up the SPF TEXT record in DNS for your domain to specify that mail sent from your domain should only come from your servers, and set the weight of SPFFAIL in Declude to at least your hold weight, then you should be able to filter.
The only exception to this is if you have users with their own address in their webmail address book, and have Declude configured to whitelist addresses in the user's webmail address book. Since most spam that forges your domain forges the email address of the user to which the spam is being sent, and there is really no need for the user to have their own address in their webmail address book, then removing it should not be a problem. Hope this helps, Darin. ----- Original Message ----- From: "Richard Lyon" <rl...@piolaxusa.com> To: <declude.junkmail@declude.com> Sent: Friday, June 26, 2009 8:03 AM Subject: [Declude.JunkMail] Enforce spf record for one domain Greetings all, We are getting lots of spam that has faked our "from" addresses. I would like to move all from "@piolaxusa.com" email that doesn't originate from our mail server to a central account. I'm pretty sure none of employees go through anything else, even when using their laptops from home. I would prefer to do this via spf records, since we will be changing ips soon. I am not, however, figuring out how to do this. Can anyone point me in the right direction? Thanks! --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.