Messaging Gateway

Since I've upgraded from v8 to v9, I'm having problems with spam that says it's from one of our internal domains but is being sent from an external server.  I'm pretty sure v8 had a method of enforcing that email from internal domains could only be sent from internal mail servers.  Is there a way to enforce this on v9?

Thanks - Chris

This is best done by adding your own domain to the Local Bad Sender's Domains list.

But check that your company isn't using a 3rd party to send e-mails on your behalf, usually marketing, or an outsourced service like payroll/hr.  You'll need to add them to your local good senders  list.

I don't think adding our domains to the bad sender's list is an acceptable solution, however I would be willing to try this.  First, could you take a look at the message headers below and tell me if there is a way to block them without blocking legit undeliverables?

X-AuditID: 18270163-b7b77ae000000d0a-b1-4bc541c2b346
Received: from [137.54.25.115] (d-199-183-215.bootp.Virginia.EDU
 [199.111.183.215])      by <MYSERVER> () with SMTP id
 77.D1.03338.2C145CB4; Wed, 14 Apr 2010 00:17:07 -0400 (EDT)
From: Super anti-ed meds <MYEM@AIL>
To: <MYEM@AIL>
Subject: Welcome, clibby. 75% cut prices oxecu
Date: Tue, 13 Apr 2010 22:18:40 -0400
MIME-Version: 1.0
Content-Type: text/html; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-Bmi-Source: external
X-Brightmail-Tracker: AAAABROO3boTkorHE5fcRhOX/hUTtLYU


 

Adding your own domain to the local bad senders should work, unless you have an external company doing some of your mailing.

I don't understand your question about blocking the example.  the tracker looks pretty spamy to me, wouldn't spam filters block this?

Have you published SPF or DKIM records?  You can validate mail is from your domain using policy around that.