Eric,

SPF checks the envelope sender (reply to) and not the "mailfrom" email id.

The spammer is sending an email with "mail from" as some user on my server,

for example c...@mycustomer.com to emplo...@mycustomer.com,

but the email is sent not from within my server but from some other external server.

The scammer, however, has the envelope-sender / reply to as his legitimate email
id and correctly configured. The qmailtoaster SPF check is done not on the
mailfrom but on the reply-to, and the email gets delivered safely to the inbox
of the employee.

What happens now is that the employee sees that the email is from the CEO and
immediately takes action, which leads to a phishing scam.

I wish to block emails where the mailfrom domain is on my server but the scam
email is sent by a spammer from an external server posing as
c...@mycustomer.com ... in other words, email spoofing.

Thanks,
Rajesh




----- Original Message -----
From: Eric [mailto:ebr...@whitehorsetc.com]
To: qmailtoaster-list@qmailtoaster.com
Sent: Sun, 28 Aug 2016 13:03:16 -0600
Subject:

Do you have an SPF text record set up for domain_on_my_server.com?
SPF should check the 'a' and 'mx' record for the domain,
domain_on_my_server.com, against the sender IP address (the one that
actually connected to your server). Are you saying that the spam sender
is spoofing the originating IP address?

On 8/28/2016 7:14 AM, Rajesh M wrote:
> Hi,
>
> I am facing an issue with email spoofing.
>
> For example, a spammer sends an email with "mailfrom" as:
> user@domain_on_my_server.com
>
> and the envelope sender is the spammer's email id, which has SPF records
> correctly in place,
>
> and hence SPF is not able to catch such spammers.
>
> How do I handle this?
>
> Thanks,
> Rajesh
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>
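
The check asked for in this thread, sketched as an added example (not code from the thread and not part of qmailtoaster): reject a message whose visible From: header claims a locally hosted domain when the connecting client is neither on a trusted network nor authenticated, regardless of what the envelope sender is. The domain list, network range, function names and sample message are assumptions constructed for illustration.

```python
import ipaddress
from email import message_from_string
from email.utils import getaddresses

# Assumptions: domains hosted on this server, and networks allowed to send as them.
LOCAL_DOMAINS = {"mycustomer.example"}
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]

def domain_of(addr):
    """Lower-cased domain part of an address, or '' when there is none."""
    return addr.rpartition("@")[2].lower().rstrip(".") if "@" in addr else ""

def header_from_domains(raw_message):
    """Domains of every address in the From: header(s) the recipient will see."""
    msg = message_from_string(raw_message)
    pairs = getaddresses(msg.get_all("From", []))
    return {domain_of(addr) for _, addr in pairs if addr}

def verdict(client_ip, envelope_sender, raw_message, authenticated=False):
    """Return 'accept' or a 'reject: ...' reason for one SMTP transaction."""
    ip = ipaddress.ip_address(client_ip)
    trusted = authenticated or any(ip in net for net in TRUSTED_NETS)
    claimed_local = header_from_domains(raw_message) & LOCAL_DOMAINS
    if claimed_local and not trusted:
        # SPF was evaluated for domain_of(envelope_sender), which belongs to
        # the sender and may pass; the header From is what gets caught here.
        return "reject: From claims %s but client %s is external (envelope %s)" % (
            sorted(claimed_local)[0], client_ip, envelope_sender)
    return "accept"

# Constructed sample: header From is a local user, envelope sender is external.
SAMPLE = (
    'From: "CEO" <ceo@mycustomer.example>\n'
    "To: employee@mycustomer.example\n"
    "Subject: urgent payment\n"
    "\n"
    "Please process this today.\n"
)

if __name__ == "__main__":
    print(verdict("203.0.113.7", "scammer@attacker.example", SAMPLE))
    print(verdict("192.0.2.10", "ceo@mycustomer.example", SAMPLE))
```

A rule like this also rejects legitimate third-party senders (mailing lists, external services) that use a local address in From:, so those sources have to be added to the trusted set or made to authenticate.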
