question

Pero-7573 avatar image
0 Votes"
Pero-7573 asked 47451047 commented

Exchange 2016 stop spoof mail with our domain name

Hello,

Our company is receiving a lot of spoof mails from various addresses. But biggest problem is these spoof mail domains are identical to our.

Today we got mail from "no-reply@our-domain.hr" with "strange" links. We can block this ip but this will not prevent another mail like "support@our-domain.hr" from another ip and it's just matter of time someone clicks on something malicious.

Is it possible to block "*@our-domain.hr" mails coming from any other address then the one are in SPF or specifically defined ?

Regards,
Pero

office-exchange-server-administration
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

2 Answers

AndyDavid avatar image
0 Votes"
AndyDavid answered AndyDavid commented

What are you using for anti-spam/anti-phishing?

You really need to buy a 3rd party product or use a 3rd party SMTP gateway to accept mail first. The built-in Exchange abilities are very limited.

· 2
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Pero-7573 avatar image Pero-7573 ·

We are using Trend Micro Worry free Business Security. It is good antivirus but lacks some features.

Then I will have a problem.

0 Votes 0 ·
AndyDavid avatar image AndyDavid Pero-7573 ·

Ok, you really need to use a real anti-spam product :)

Using a transport rule will block any legit mail from third party vendors who are allowed to send as your domain.

0 Votes 0 ·
KaelYao-MSFT avatar image
0 Votes"
KaelYao-MSFT answered 47451047 commented

Hi Pero.

Please create a mail flow rule to see if it can help with this issue.
The rule would be like:
154451-02.png

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


02.png (20.5 KiB)
· 2
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

KaelYao-MSFT avatar image KaelYao-MSFT ·

Hi @Pero-7573

I am writing here to confirm with you how thing going now?
Please let us know if you would like further assistance.

0 Votes 0 ·
47451047 avatar image 47451047 KaelYao-MSFT ·

This rule works for some reason when forwarding messages.

0 Votes 0 ·