Re: [qmailtoaster] handling email spoofing

[Tony White]

Rajesh,
  Have you tested your SPF record setup?
http://www.kitterman.com/spf/validate.html


best wishes
  Tony White


On 30/08/2016 22:57, Rajesh M wrote:

eric

spf checks the envelope sender (reply to) and not the "mailfrom" email id

the spammer is sending an email with "mail from" as some user on my server

example c...@mycustomer.com to emplo...@mycustomer.com

but email is sent not from within my server but from some other external server.

the scammer however has the envelope-sender / reply to as his legitimate email 
id and correctly configured. the qmailtoaster spf check is done not on the 
mailfrom but on the reply-to and the email gets delivered safely to the inbox 
of the employee.

now what happens is that the employee sees that the email is from the ceo and 
immediately takes action which leads to a phishing scam.

i wish to block emails where the mailfrom domain is on my server but the scam 
email is sent by a spammer from an external server posing as 
c...@mycustomer.com ... in other words email spoofing.

thanks,
rajesh




----- Original Message -----
From: Eric [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sun, 28 Aug 2016 13:03:16 -0600
Subject:

Do you have an spf text record set up for domain_on_my_server.com?
SPF should check the 'a' and 'mx' record for the domain,
domain_on_my_server.com, against the sender IP address (the one that
actually connected to you server). Are you saying that the spam sender
is spoofing the originating IP address?

On 8/28/2016 7:14 AM, Rajesh M wrote:

hi

facing issue with email spoofing

example spammer sends an email with "mailfrom" as : user@domain_on_my_server.com

and the envelope sender is the spammer's email id which has spf records 
correctly in place

and hence spf is not able to catch such spammers.

how do i handle this ?

thanks
rajesh







---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com




---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com