The sender of an SMTP Email can be spoofed and appear to originate from any address. Commonly, spammers may send e-mail that appears to originate from your own domain.
First seen in Sophos Email Appliance
The Sophos Email Appliance will scan these e-mails for spam, according to your policy. No special actions are necessary. However, some administrators may wish to block these 'spoofed' e-mails by default. Follow the instructions below:
Make sure your own domain has not been incorrectly whitelisted as a sender address. If necessary remove the domain from:
Configuration > Policy > Allow/Block Lists > Allowed Hosts/Senders
These steps will block the E-Mail when your domain name has been used in either:
Add the domain to:
Configuration > Policy > Allow/Block Lists > Block Lists > Blocked Hosts/Senders > Senders
For example, add: @mydomain.tld
Note, that global block lists only apply to mail from external hosts. Outgoing mail will not be affected.
Before using this configuration in production, consider whether any legitimate senders need to spoof your domain name. For example, an external web hosting solution may send you e-mails from firstname.lastname@example.org. These hosts must be exempt from the Anti-Spoofing rules using the Allowed Hosts option (Allowed Hosts/Senders take precedence over Blocked Hosts/Senders).
You should also ensure your list of internal hosts is correctly configured, so outbound mail is not affected. Enter the IP of any devices that are allowed to send outgoing e-mail in: Configuration > Routing > Internal Hosts
Configuration > Routing > Internal Hosts
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.