2 Replies Latest reply: Apr 8, 2013 6:49 AM by JimKlimov RSS

    How to stop fake email

      Hi Oracle,
      I have an domain on mail server example: abc.com with user u1@abc.com
      Another guy out side internet can use fake email u1@abc.com send mail to u1@abc.com

      How do I stop it ?


      bash-3.00# ./imsimta version
      Oracle Communications Messaging Exchange Server 7u4-18.01 64bit (built Jul 15 2010)
      libimta.so 7u4-18.01 64bit (built 13:19:32, Jul 15 2010)
      Using /opt/sun/comms/messaging64/config/imta.cnf (compiled)
        • 1. Re: How to stop fake email
          Take a look at these pages:

          Handling Forged Email by Using the Sender Policy Framework

          How Do I Prevent Email Forgery By Using DKIM?

          Oracle Communications Messaging Server Best Practices for Fighting Email Spam
          • 2. Re: How to stop fake email
            You could also look into requiring SMTP AUTH for mails originating from your user accounts, at least from untrusted source hosts (perhaps based on examples about "mappings" and "imta.cnf" config files and examples on INTERNAL_IP, optional similar FRIENDLY_IP, and their order around RBL, metermaid and other simple-antispam features in the file, and requiring channel-switching) - this way fake emails from outside your network won't be able to originate so easily. Of course, whenever you request passwords (web, smtp, imap) - use SSL or STARTTLS to protect user logins and passes from sniffing on their way through the internet.