Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 13 replies
  • Subscribers 1 subscriber
  • Views 17037 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Stop Spoofed mail from FakeMail websites

robert.micallef
Hi,

We are using Sophos UTM 9.204-20 and have the EMail Protection Module.

Mail generated using spoofing websites like from emkei.cz and deadfake.com is being allowed to pass through. I tried spoofing our own domain as well as another domain. It is always being allowed to pass through. We have everything switched on in AntiSpam (ie: RDNS, BATV, RBL, Greylisting, SPF check), and it still is being allowed to pass.

The only solution is to Blacklist the whole domain (ex: Blacklist emkei.cz), but I hardly call that a solution as I don't know every domain that can be used to spoof senders and spoofed mail can really come from anywhere.

Is there a way to block these? I would have thought that a RDNS check would have instantly blocked these, but somehow they are being allowed.


This thread was automatically locked due to age.
Parents
  • 0
    Hi vilic,

    Thanks a lot for the suggestions. It would never have crossed my mind to actually blacklist our own domain. We have left it a day running and it worked perfectly. Some minor problems here and there (due to incorrectly configured automated alerts) but it worked.

    Thanks a lot! Much appreciated.
  • 0 in reply to robert.micallef
    Hi Vilic [:)]
    Im also geting same issue.And as per your suggestion if i put my domain name in blacklist it will block my domain also right?

    Thanks
    Thastu
Reply Children
Unfiltered HTML