Typically your exchange server is inside your firewall/perimeter. Therefore, anything SMTP connecting from the outside of your firewall claiming to be from your Mail From domain is not from you.
On Wed, Aug 21, 2019 at 3:49 AM Blason R <blaso...@gmail.com> wrote: > " As was pointed out, the display name is free form but you can set a rule > to block if the email address in a display name doesn't match the email > address in the From email address." > > Is that such policy available? I am not sure about excahgne but AFAIK most > of the AntiSpams does not offer such policy. Or is there mechanism you are > talking about DMARC? > > On Wed, Aug 21, 2019 at 12:51 PM Dotzero <dotz...@gmail.com> wrote: > >> SPF/DKIM/DMARC can help on the inbound side. You already know which hosts >> your own email originate from so you can block just based on that knowledge >> as well. As was pointed out, the display name is free form but you can set >> a rule to block if the email address in a display name doesn't match the >> email address in the From email address. >> >> Michael Hammer >> >> On Tue, Aug 20, 2019 at 10:59 PM Blason R via dmarc-discuss < >> dmarc-discuss@dmarc.org> wrote: >> >>> Thanks a nice solutions and description however my questions was for >>> DMARC for incoming mails. >>> >>> On Tue, Aug 20, 2019 at 9:05 PM Pete Holzmann <webbed.p...@gmail.com> >>> wrote: >>> >>>> I realize this is a Very Late Response to Blason's query... (I've had >>>> serious medical challenges this year; "should" be dead yet here I am ;) ) >>>> >>>> I thought you might be encouraged by our experience. >>>> >>>> *Scenario:* >>>> - We have a Very Old Domain (ds.org) that's ONLY used for >>>> infrastructure. NOT web, and not even sending/receiving email ( >>>> u...@ds.org). Yet our email server is aster.ds.org >>>> - In spite of not sending any email, more and more we were being marked >>>> as spammers by various block lists. >>>> - If you think about it, we have a perfect honeypot for spam. ANY email >>>> to or from that domain is by definition invalid :) :) >>>> >>>> *Solution:* >>>> - I finally implemented SPF, DKIM and DMARC... >>>> - *WHAM!!! * Over a thousand spams a day (mostly from Asia) were being >>>> sent faking our domain as source. >>>> - Challenge #1: our DMARC report processor initially had to tweak a few >>>> things. We're honestly not a large volume emailer... yet they were >>>> processing quite a few records ;) >>>> - Challenge #2: we ended up implementing "non standard" subdomain >>>> wildcards due to a >>>> variety of fake subdomains being spoofed. >>>> >>>> *Result:* >>>> - We're no longer accused of being spammers >>>> - "Only" ~600 spams detected in the last *week* (by DMARC-capable >>>> servers) >>>> - All were trying to spoof our domain >>>> - Of those, ~500 were from *.nxdomain, the rest at least had a real IP >>>> entry. >>>> >>>> Blessings, >>>> Pete >>>> >>>> ------------------------------ >>>> >>>> On 9 Jan 2019 Blason R via dmarc-discuss said... >>>> >>>> Hi Edward, >>>> >>>> How do I make it work for Inbound if my MTA/AntiSpam does not support? >>>> Not sure if I understood your question correctly but would appreciate if >>>> you can shed some light on this? lets say I am on google apps. >>>> >>>> Google Apps I guess bydefault takes care of Incoming mail. But what if >>>> I am using third party MTA which does not support Inbound DMARC checks? Yes >>>> most of them do support SPF and DKIM validation but not DMARC I guess. >>>> >>>> Please correct me if I am wrong. >>>> >>>> Thanks and regards, >>>> Blason R >>>> >>>> On Wed, Jan 9, 2019 at 7:00 PM Edward Siewick via dmarc-discuss < >>>> dmarc-discuss@dmarc.org> wrote: >>>> >>>> > Blason, >>>> > >>>> > Actually, consider implementing testing (SPF, DKIM) and DMARC for >>>> > inbound. Since you've implemented for everybody else, why not put >>>> these to >>>> > use for your own organization? >>>> > >>>> > Edward S. >>>> > >>>> > >>>> > On 1/8/2019 10:26 PM, Blason R via dmarc-discuss wrote: >>>> > >>>> > Hi DMARC Team, >>>> > >>>> > What I understand is DMARC is very beneficial for the mails which >>>> are >>>> > being sent from my domain to third party. But can we stop the emails >>>> coming >>>> > at me pretending to be my own domain? My assumption again here is we >>>> can >>>> > not and need to have AntiSpam policy to block looking at SPF and >>>> DKIM? >>>> > >>>> > TIA >>>> > Thanks and Regards >>>> > Blason R >>>> > >>>> > _______________________________________________ >>>> > dmarc-discuss mailing >>>> listdmarc-discuss@dmarc.orghttp://www.dmarc.org/mailman/listinfo/dmarc >>>> -discuss >>>> > >>>> > NOTE: Participating in this list means you agree to the DMARC Note >>>> Well terms (http://www.dmarc.org/note_well.html) >>>> > >>>> > _______________________________________________ >>>> > dmarc-discuss mailing list >>>> > dmarc-discuss@dmarc.org >>>> > http://www.dmarc.org/mailman/listinfo/dmarc-discuss >>>> > >>>> > NOTE: Participating in this list means you agree to the DMARC Note >>>> Well >>>> > terms (http://www.dmarc.org/note_well.html) >>>> >>>> >>> _______________________________________________ >>> dmarc-discuss mailing list >>> dmarc-discuss@dmarc.org >>> http://www.dmarc.org/mailman/listinfo/dmarc-discuss >>> >>> NOTE: Participating in this list means you agree to the DMARC Note Well >>> terms (http://www.dmarc.org/note_well.html) >> >>
_______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
