On 2011-04-01 11:22:04 (-0500), Vernon A. Fort <[email protected]> 
wrote:
> I'm trying to find a way to block/reject inbound messages forging our
> internal email addresses.  Meaning their inbound messages using MY email
> address but there not originating from my server.
> 
> I cannot seem to find the correct solution.  Anyone.
> 
> Vernon
> 

With restriction classes you can drop this spoofing.
Key is to first seperate your own server(s) (e.g. by giving them an OK
before this check). Afterwards if the sender-domain matches any of your
domain it must be spoofing (as only external servers reach this check) 
and you can just reject it.



Reply via email to