Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
1133 Views 2 Replies Latest reply: Mar 2, 2013 4:49 AM by Attila Polinger RSS
mjmurra Champion 374 posts since
Jul 27, 2010
Currently Being Moderated

Dec 12, 2012 2:13 PM

Blocking email with both sender&recipient domain same as internal domain (EWS 5.6)

Say you have OrganisationA.com , if an email comes from external with the sender address of fred@organisationA.com, and it is addressed to john@organisationA.com what is the best way to block this?

 

Best way so far I've worked out is to create a policy looking for *@organisationA.com in both the sender/recipient addresses, then using a blacklist in that policy for *@organisationA.com to then quarantine it.

 

Doesn't seem the best way. Any other suggestions?

  • ews_crusader Newcomer 3 posts since
    Oct 6, 2011

    Helo,

     

    go to email -> email configuration -> receiving email -> permit and deny lists -> Permitted and blocked senders

     

    put your internal email server ip to "permitted senders"

     

    and your Domain into "blocked senders"

     

    Emails from senders / networks / domains in this list are always refused unless overridden by an entry in the permitted senders list.

     

  • Attila Polinger Veteran 1,161 posts since
    Dec 8, 2009

    Hello,

     

    a possible alternative to Permitted/Denied Senders/IPs is to make use of SPF filtering in sender authentication section of the policy you use for filtering inbound email primarily. This also implies having a what is called SPF TXT record in your DNS server facing the internet. In this SPF record your organization would list what IP/domain is permitted to send mail on your behalf. Once that is in place, you can activate the SPF filtering in the email filtering policy.

     

    SPF filtering is otherwise useful if you do not have your own SPF TXT record, because many organizations out there do, and you can filter mail with fake senders from those organizations.

     

    Attila

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points