I came across this article from Henrik Walther that explains to stop spam coming in to your organization an acting like it is being sent inside.
QUESTION:
It seems like our organization are hit by self-sending spam these days. Spam where *@mycompany.com is used as the sender address, which means the messages are seen as valid by our anti-spam solution.
Do you have any tips on how to stop these types of spam attacks?
ANSWER:
There are two very good things you can do in order to fight back! The first is to add your own domain to the Sender Filtering agent on an Exchange 2007 Hub or Edge Transport server as shown below.
�
Figure 5
If you use another anti-spam solution, you should just make sure to add the domain to the blacklist.
The second thing to do is to create a SPF record for your domain on the external DNS servers hosting your domain.
With these two simple steps you should see an instant reduction of the number of self-sending spam mails you receive.
Microsoft has a web-based wizard that will help you create this record. You can find the wizard here.
Recent Comments