Message Image

Skip main navigation (Press Enter).

Messaging Gateway

View Only

Back to discussions

Expand all | Collapse all

Spoofed Email

Migration UserJul 10, 2015 07:22 AM

Hello All, One of the users has received a spoofed email from a similar domain name as ours but instead ...

SSE-JDavisJul 23, 2015 11:09 AM

Without specifics, it's hard to tell. There is most likely a CNAME or other DNS result you are miss ...

1. Spoofed Email

0 Recommend
Migration User
Posted Jul 10, 2015 07:22 AM

Reply Reply Privately
Hello All,

One of the users has received a spoofed email from a similar domain name as ours but instead with a .com.

Spoofed domain; domain.com (we don't own this domain)

Our domain: Domain.co.uk

The user has replied (thought it was from her boss) and i can see from the logs the email is sent successfully. From further investigation i found the delivery address is different for the domain.com from their Mx record. How is this possible?

Reply Delivered to: 64.98.36.4

Actual MX for domain.com: 208.44.162.49

What i don't understand is if the user replied the email shouldn't have relayed successfully as this is spoofed and not the actual delivery address for this domain (domain.com)?
2. RE: Spoofed Email

0 Recommend
Broadcom Employee

SSE-JDavis
Posted Jul 23, 2015 11:09 AM

Reply Reply Privately
Without specifics, it's hard to tell. There is most likely a CNAME or other DNS result you are missing.

Copyright 2019. All rights reserved.

Powered by Higher Logic