Messaging Gateway

Hi All,

I'm using Symantec Messaging gateway appliance v10.5.4

Just recently I've received multiple spam email to some of my internal AD user & Exchange Shared mailboxes.

The sender was from Network.Scanner@mydomain.com but the Originated IP and the email subject is always randomly changed.

How can I prevent the SPAM from external sender spoofing as internal sender to my domain safely ?

Hi Santana I am facing the same problem , did you get any sucuess in addressing this problem , if yes then would you please like to share your workaround with me?  Thanks

Hello Pete firstly thank you for replying to this post and referencing the TechNote. However the problem sometimes is with the user education as well. For example consider the below scenerio.

the actual domain name of the organization is galaxy.com . an intruder tries to spoof the domain via replacing a single character in the actual domain name like this galaXy.com or galaxY.com  so that the end users recieiving the email would hastly review it . 

I have one of the customers who are constantly facing such kinds of phishing attacks where the attacker is constantly rotaiting the characters in the domain so in this case adding the domain in bad senders group or creating a compliance rule to block such email which are spoofed from the domain are somewhat less effective to block such kind of attacks 

@SymSpec no not yet.

I would ask that you verify this. Our local bad sender domain functionality is not case sensitive, so you should not be seeing behavior like that.