This discussion is archived
2 Replies Latest reply: Apr 8, 2013 4:49 AM by JimKlimov RSS

How to stop fake email

831622 Newbie
Currently Being Moderated
Hi Oracle,
I have an domain on mail server example: abc.com with user u1@abc.com
Another guy out side internet can use fake email u1@abc.com send mail to u1@abc.com

How do I stop it ?

Thanks!

bash-3.00# ./imsimta version
Oracle Communications Messaging Exchange Server 7u4-18.01 64bit (built Jul 15 2010)
libimta.so 7u4-18.01 64bit (built 13:19:32, Jul 15 2010)
Using /opt/sun/comms/messaging64/config/imta.cnf (compiled)
  • 1. Re: How to stop fake email
    kellyc-Oracle Journeyer
    Currently Being Moderated
    Take a look at these pages:

    Handling Forged Email by Using the Sender Policy Framework
    https://wikis.oracle.com/display/CommSuite/Handling+Forged+Email+by+Using+the+Sender+Policy+Framework

    How Do I Prevent Email Forgery By Using DKIM?
    https://wikis.oracle.com/pages/viewpage.action?pageId=15466677

    Oracle Communications Messaging Server Best Practices for Fighting Email Spam
    https://wikis.oracle.com/display/CommSuite/Messaging+Server+Best+Practices+for+Fighting+Email+Spam
  • 2. Re: How to stop fake email
    JimKlimov Newbie
    Currently Being Moderated
    You could also look into requiring SMTP AUTH for mails originating from your user accounts, at least from untrusted source hosts (perhaps based on examples about "mappings" and "imta.cnf" config files and examples on INTERNAL_IP, optional similar FRIENDLY_IP, and their order around RBL, metermaid and other simple-antispam features in the file, and requiring channel-switching) - this way fake emails from outside your network won't be able to originate so easily. Of course, whenever you request passwords (web, smtp, imap) - use SSL or STARTTLS to protect user logins and passes from sniffing on their way through the internet.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points