Hi!
I'm looking for a (new?) way to prevent email address spoofing and disable the external sender alert text when an email is sent from a user of a domain to a user of another domain that are hosted on the same SmarterMail server.
Until now, I've added each my local hosted domain in the "Known External Domains" list and I've enabled Require Auth Match set to email address. In this way, authenticated users cannot spoof their email address, unauthenticated users cannot send emails spoofing the from address with an internal SM email address, and emails between internal domains are not marked with the external sender alert.
Yesterday I found a way to break in the text alert and my anti-spoof solution. See this SMTP log:
[...]
cmd: mail FROM:<> size=2146
senderEmail(1):
rsp: 250 OK <> Sender ok
Sender accepted. Weight: 0. Block threshold: 30.
cmd: data
Performing PTR host name lookup for [...]
PTR host name for [...] resolved as [...]
rsp: 354 Start mail input; end with <CRLF>.<CRLF>
Sender accepted. Weight: 10. Block threshold: 30. Failed checks: Truncate (5), Backscatter (5)
DMARC Results: Skipped (No Return Path), Reason: Unknown, Reject? False
rsp: 250 OK
Received message size: 2149 bytes
Successfully wrote to the HDR file. ([...]/26350167.hdr)
Data transfer succeeded, writing mail to 26350167.eml
cmd: quit
rsp: 221 OK
[...]
The email was marked as spam and moved to junk folder, but it appeared as sent from a local
mydomain.com address without any external sender alert.
My questions are:
- How can I prevent this type of email address spoofing? The recent option "Include MIME headers for auth match" could be useful? (It's not enabled because I'm worried about possible side effects).
- If I remove all my internal domains form known external domains list, what other ways can I prevent the alert from appearing in valid emails between different internal domains?
Thank you for your suggestions.
Daniele